Details
Malware Family Xtreme
Date Added March 8, 2019, 6:25 a.m.
MD5 2bb1c14eac46b83488670e654bff6231
Sha256 38e5e7e525bed66e5ec3ed021109cc925a01611c31b3c3c1b4cc5fb914184bb9
Config Sections
Group Servers
Install Name 11111111111er.exe
FTP Server ftp.ftpserver.com
Domain9 :0
Version 2.9
Mutex --((Mutex))--
HKLM KLM
Domain3 :0
Domain2 :0
Domain1 aamm11555.ddns.net:55553
Domain7 :0
Domain6 :0
Domain5 :0
Domain4 :0
Install Dir InstallDir
Domain19 :0
Domain18 :0
Custom Reg Key HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTP Password
Domain15 :0
Domain14 :0
Domain13 :0
Domain12 :0
Domain11 :0
Domain10 :0
Injection %DEFAULTBROWSER%
FTP Folder
Custom Reg Value
ID Server
Domain20 :0
FTP UserName ftpuser
Custom Reg Name HKCU
Domain17 :0
Domain8 :0
Domain16 :0
ActiveX Key {QE5EW30V-GJGL-01X5-E5DP-4T535J1I117M}
HKCU HKCU
VirusTotal

56 out of 62 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
Geo Location
Yara Rules