Details
Malware Family Xtreme
Date Added Dec. 7, 2015, 11:20 p.m.
MD5 5f6584f9477a70b4787e9cfdca0024ff
Sha256 47f46e501386ddfc4de586ee81af2988bcc59fa711589467b0822810f68f17d2
Config Sections
Group Servers
Install Name Server.exe
FTP Server ftp.ftpserver.com
Domain9 :0
Version 2.9
Mutex 1EdcpW0e
HKLM KLM
Domain3 :0
Domain2 :0
Domain1 mfnfnfb.no-ip.biz:82
Domain7 :0
Domain6 :0
Domain5 :0
Domain4 :0
Install Dir InstallDir
Domain19 :0
Domain18 :0
Custom Reg Key HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTP Password
Domain15 :0
Domain14 :0
Domain13 :0
Domain12 :0
Domain11 :0
Domain10 :0
Injection %DEFAULTBROWSER%
FTP Folder
Custom Reg Value Server
ID Server
Domain20 :0
FTP UserName ftpuser
Custom Reg Name HKCU
Domain17 :0
Domain8 :0
Domain16 :0
ActiveX Key {AXC43MDR-A4A3-38R6-PI56-86J76WQLTNO8}
HKCU HKCU
VirusTotal

47 out of 55 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
Geo Location
Yara Rules