Details
Malware Family CyberGate
Date Added Feb. 8, 2018, 6:25 a.m.
MD5 c9feadea82ac0a46687116390c62334d
Sha256 81b7b0a088d37d4632eef895244f5cde525180bcef590c18968c6aaf1ca41190
Robot Robots lovingly delivered by robohash.org
Config Sections
MeltFile FALSE
InstallFlag TRUE
CampaignID
FTPPassword +
FTPDirectory ./logs/
Mutex ***MUTEX***
InstallDir
FTPPort 21
EnableMessageBox FALSE
Password abcd1234
FTPUserName ftp_user
ActivateKeylogger TRUE
FTPAddress ftp.server.com
REGKeyHKLM
MessageBoxButton 0
StartupPolicies
FTPInterval 30
InstallMessageTitle Error
KeyloggerEnableFTP FALSE
MessageBoxIcon 16
Domain kamalos.no-ip.biz,
ActiveXStartup {218A3Q1V-M05N-O32L-4AM8-MA0JEIMDL4ML}
InstallMessageBox Please try again later.
ChangeCreationDate TRUE
CyberGateVersion
Persistance TRUE
InstallFileName Win_Xp.exe
REGKeyHKCU
KeyloggerBackspace TRUE
HideFile TRUE
USBSpread TRUE
Port 81,
Advertising
VirusTotal

This hash does not exist in virustotal

Domain Data
Domain IP Country Code
kamalos.no-ip.biz 0
Geo Location
Yara Rules
Comments
comments powered by Disqus