Details
FileName
Malware Family Xtreme
Date Added 2019-02-08 06:25:08
MD5 3e42dd4b081ab5198a08828483754bec
Sha256 ac225cd709b391ebbdf6a7b881aa59a4d56921a37b1be51da8e17e4112434394
C2 Data
HKCU HKCU
ActiveX Key {5460C4DF-B266-909E-CB58-E32B79832EB2}
Injection calc.exe
FTP Server ftp.ftpserver.com
Group Servers
Domain2 :0
Version 3.6 Private
Msg Box Title
Mutex 0eoMSk
ID Server
Domain3 :0
FTP Password ftppass
Domain4 :0
Install Name Server.exe
Msg Box Text
Install Dir InstallDir
Domain1 qwertyqwerty123.zapto.org:80
Domain5 :0
FTP UserName
HKLM HKLM
FTP Folder
Virustotal

61 out of 70 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
ddns.net cometdb.ddns.net 128.199.50.200 SG