Details
Malware Family Xtreme
Date Added April 27, 2018, 6:25 a.m.
MD5 7799e36a2e9c54c3ef1c3b379d620d82
Sha256 f6f5f2696c840b4f7d633b419e3f1e95117719f7141fbc7bfabd178533479708
Config Sections
Group Hackers
Install Name taskhostw.exe
FTP Server ftp.ftpserver.com
Domain9 :0
Version 2.9
Mutex 7yRkVFlau5EX
HKLM tualizar
Domain3 :0
Domain2 :0
Domain1 gabrielcfalll.ddns.net:1177
Domain7 :0
Domain6 :0
Domain5 :0
Domain4 :0
Install Dir Windows
Domain19 :0
Domain18 :0
Custom Reg Key HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTP Password
Domain15 :0
Domain14 :0
Domain13 :0
Domain12 :0
Domain11 :0
Domain10 :0
Injection winlogon.exe
FTP Folder
Custom Reg Value Device
ID 2Cheat Loader
Domain20 :0
FTP UserName ftpuser
Custom Reg Name HKCU
Domain17 :0
Domain8 :0
Domain16 :0
ActiveX Key {H41D1CMC-N31Y-EE7B-7O01-4A7LGVU783QQ}
HKCU windows
VirusTotal

This hash does not exist in VirusTotal.

Domain Data
Domain IP Country Code
Geo Location
Yara Rules