Details
Malware Family Xtreme
Date Added March 3, 2018, 6:25 a.m.
MD5 4dcf6bac09c827247169173db2491b97
Sha256 fcda7cd41fd207c0542ed8b28822327c64bbfd462b98abbeea72c83b06e88e76
Config Sections
Group Servers
Install Name windows.exe
FTP Server ftp.ftpserver.com
Domain9 :0
Version 2.9
Mutex --((Mutex))--
HKLM KLM
Domain3 :0
Domain2 :0
Domain1 zueirasemlimites.duckdns.org:2020
Domain7 :0
Domain6 :0
Domain5 :0
Domain4 :0
Install Dir InstallDir
Domain19 :0
Domain18 :0
Custom Reg Key HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTP Password
Domain15 :0
Domain14 :0
Domain13 :0
Domain12 :0
Domain11 :0
Domain10 :0
Injection %DEFAULTBROWSER%
FTP Folder
Custom Reg Value
ID Server
Domain20 :0
FTP UserName ftpuser
Custom Reg Name HKCU
Domain17 :0
Domain8 :0
Domain16 :0
ActiveX Key {5460C4DF-B266-909E-CB58-E32B79832EB2}
HKCU HKCU
VirusTotal

61 out of 68 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
Geo Location
Yara Rules