Details
FileName:
Malware Family: Xtreme
Date Added: 2019-03-08 06:25:16
MD5: 3e6842c537a924d532de605ba9174a34
Sha256: 1617281fad59a76866d1a2fce0f45ce7b947e9f7ac3b6b7770a77f5429d1338f
C2 Data
HKCU: HKCU
ActiveX Key: {5460C4DF-B266-909E-CB58-E32B79832EB2}
Injection: svchost.exe
FTP Server: ftp.ftpserver.com
Group: Bot
Domain2: :0
Version: 3.7
Msg Box Title:
Mutex: ((Mutex))
ID: Server
Domain3: :0
FTP Password: ftppass
Domain4: :0
Install Name: Server.exe
Msg Box Text: . # 13 # 10Please .
Install Dir: InstallDir
Domain1: loolrat.no-ip.org:81
Domain5: :0
FTP UserName:
HKLM: HKLM
FTP Folder:
Virustotal

53 out of 64 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain: ddns.net
FQDN: cometdb.ddns.net
IP: 128.199.50.200
Country Code: SG