Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2016-01-30 03:00:03 |
MD5 | e5d32ca4fb9cef3e8d021c0841e371fb |
Sha256 | 1a4b5765b292c63f2bbd928c2540a8a0ff2ce1f181db45bc2fb8c4501e7c88eb |
Config Data
FTPPassword | + |
---|---|
CampaignID | Gerador |
Password | 123 |
USBSpread | FALSE |
FTPAddress | ftp.server.com |
InstallDir | windows |
Persistance | TRUE |
InstallMessageTitle | ttulo da mensagem |
KeyloggerBackspace | TRUE |
HideFile | FALSE |
FTPDirectory | ./logs/ |
Domain | delete21.ddns.net, |
InstallFileName | svchost.exe |
FTPPort | 21 |
REGKeyHKCU | HKCU |
MessageBoxIcon | 16 |
Port | 75, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | HKLM |
FTPUserName | ftp_user |
ChangeCreationDate | TRUE |
MeltFile | FALSE |
Mutex | svchost |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | texto da mensagem |
InstallFlag | TRUE |
ActiveXStartup | {1BA5F773-3NP5-A30D-J40W-2QQUX5152T8S} |
EnableMessageBox | FALSE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
VirusTotal
51 out of 55 AV engines identified the sample as malicious.