Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2015-09-14 20:32:27 |
MD5 | e89097504a2ba4bd823354904dab9496 |
Sha256 | 5acffdc303d47e9d71af816cc1c8122e02cc905244894dc100fe86d582fcb12a |
Config Data
FTPPassword | + |
---|---|
CampaignID | vtima |
Password | abcd1234 |
USBSpread | FALSE |
FTPAddress | ftp.server.com |
InstallDir | install |
Persistance | FALSE |
InstallMessageTitle | ttulo da mensagem |
KeyloggerBackspace | TRUE |
HideFile | FALSE |
FTPDirectory | ./logs/ |
Domain | moreno10.no-ip.biz, |
InstallFileName | server.exe |
FTPPort | 21 |
REGKeyHKCU | HKCU |
MessageBoxIcon | 16 |
Port | 81, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | |
FTPUserName | ftp_user |
ChangeCreationDate | FALSE |
MeltFile | TRUE |
Mutex | ***MOMOP*** |
KeyloggerEnableFTP | TRUE |
FTPInterval | 30 |
InstallMessageBox | texto da mensagem |
InstallFlag | TRUE |
ActiveXStartup | {R814TML6-QQKY-57O5-YJ2X-478XOC326M21} |
EnableMessageBox | FALSE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
VirusTotal
47 out of 54 AV engines identified the sample as malicious.