Details
Malware Family: Xtreme
Date Added: March 8, 2019, 6:25 a.m.
MD5: 3e6842c537a924d532de605ba9174a34
SHA256: 1617281fad59a76866d1a2fce0f45ce7b947e9f7ac3b6b7770a77f5429d1338f
Config Sections
Install Dir: InstallDir
Group: Bot
Msg Box Text: . # 13 # 10Please .
FTP Password: ftppass
Install Name: Server.exe
FTP Server: ftp.ftpserver.com
FTP UserName:
Msg Box Title:
Domain3: :0
Version: 3.7
Mutex: ((Mutex))
Domain5: :0
HKLM: HKLM
Domain2: :0
ActiveX Key: {5460C4DF-B266-909E-CB58-E32B79832EB2}
FTP Folder:
Injection: svchost.exe
Domain4: :0
ID: Server
Domain1: loolrat.no-ip.org:81
HKCU: HKCU
VirusTotal

53 out of 64 AVs identified the sample as malicious.


Domain Data
Domain IP Country Code