Details
Malware Family: Xtreme
Date Added: March 23, 2015, 8:29 p.m.
MD5: 4e1ea8be84c93ca4e81c7e818299eefc
Sha256: d5042d68b813d5c45c03fe6883f5b83ff079cb9c394ddcc9c84f58e0369c6cdf
Config Sections
Domain4: :0
Install Dir: wbem
Group: Default
Msg Box Text: Pleasetryagainlater.
FTP Password: ftppass
Install Name: xml.exe
FTP Server: ftp.ftpserver.com
FTP UserName:
ID: Default
Domain3: :0
Version: 3.5Private
Mutex: Yahoo
HKLM: HKLM
ActiveX Key: {5460C4DF-B266-909E-CB58-E32B79832EB2}
Domain2: :0
Domain1: namehost.dyndns.org:1863
HKCU: HKCU
FTP Folder:
Injection: svchost.exe
Domain5: :0
Msg Box Title: Sorry
VirusTotal

36 out of 42 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
Geo Location
Yara Rules