Details
Malware Family CyberGate
Date Added May 25, 2016, 3 a.m.
MD5 ddbe7f660a88beb289b3eeee0225332c
Sha256 82ea2fb933549fc0c9c6b2da0fc7cf31051be230d6b28c6defa6c9750ae59fb6
Config Sections
MeltFile FALSE
InstallFlag TRUE
CampaignID Server
FTPPassword +
FTPDirectory ./logs/
Mutex ***MUTEX***
InstallDir windr
FTPPort 21
EnableMessageBox TRUE
Password abcd1234
FTPUserName ftp_user
ActivateKeylogger TRUE
FTPAddress ftp.server.com
REGKeyHKLM
MessageBoxButton 0
StartupPolicies Policies
FTPInterval 30
InstallMessageTitle Error
KeyloggerEnableFTP FALSE
MessageBoxIcon 16
Domain spynet7.3utilities.com,
ActiveXStartup {085ERR4Q-FKJL-7AMD-5B23-8SI51D266APW}
InstallMessageBox This file is corrupted or missing its directory
ChangeCreationDate TRUE
CyberGateVersion
Persistance TRUE
InstallFileName activex.exe
REGKeyHKCU Adobe ActiveX
KeyloggerBackspace TRUE
HideFile TRUE
USBSpread FALSE
Port 81,
VirusTotal

This hash does not exist in VirusTotal.

Domain Data
Domain IP Country Code
spynet7.3utilities.com 0
Geo Location
Yara Rules