Details
FileName
Malware Family Xtreme
Date Added 2019-03-06 06:25:21
MD5 6c9aaf40e7ebd70213fafcc15986fa70
Sha256 43fd5428b8db72f5705ae649d65ab908d8727a908e087e56467436e20f40904d
C2 Data
HKCU HKCU
ActiveX Key {5460C4DF-B266-909E-CB58-E32B79832EB2}
Injection %DEFAULTBROWSER%
FTP Server ftp.ftpserver.com
Group Servers
Domain2 193.140.175.2:23
Version 3.6 Private
Msg Box Title ERROR
Mutex ((Mutex))
ID Server
Domain3 193.140.175.7:23
FTP Password ftppass
Domain4 :0
Install Name Server.exe
Msg Box Text PROGRAM BASLATILIRKEN BEKLENMEYEN BIR HATA OLUSTU.
Install Dir InstallDir
Domain1 127.0.0.1:81
Domain5 :0
FTP UserName
HKLM HKLM
FTP Folder
Virustotal

61 out of 71 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
ddns.net cometdb.ddns.net 128.199.50.200 SG