Details
FileName VirusShare_dd854288b4c72389795b1d2e50806646
Malware Family CyberGate
Date Added 2015-03-23 20:29:25
MD5 dd854288b4c72389795b1d2e50806646
Sha256 564e5f280473bfded0b33670af3b48c6f80228036b774dce1112e943d62137a6
Config Data
RegKeyHKLM HKLM
FTPInterval 30
InstallFileName server.exe
CampaignID LUKAS
Domain jacklerson-k2.no-ip.org,
InstallMessageTitle Erro
KeyLoggerEnableFTP FALSE
ActiveXStartup {08B0E5JF-4FCB-11CF-AAA5-00401C6XX500}
FTPUserName ftp_user
Persistance FALSE
GoogleChromePasswords NoLongerStored
Password 0071
Port 81,
USBSpread FALSE
Mutex ***MUTEX***
P2PSpread
InstallMessageBox Erroaoinstalar
MessageBoxIcon 16
ActivateKeylogger TRUE
StartupPolicies Policies
FTPAddress ftp.server.com
KeyloggerBackspace TRUE
ChangeCreationDate FALSE
InstallFlag TRUE
FTPPort 21
CyberGateVersion
InstallDir install
FTPPassword +
MessageBoxButton 0
MeltFile TRUE
RegKeyHKCU HKCU
FTPDirectory ./logs/
HideFile FALSE
EnableMessageBox TRUE
Virustotal

49 out of 54 AV Engines identified the sample as Malicious.
