Details
Malware Family Xtreme
Date Added March 8, 2019, 6:25 a.m.
MD5 82b6dede2e6048aa92afa9cb9eec5502
Sha256 cefb8ce3bb177c8d793e5ffd79597fee22e6236815764711fb760ec6818e4a91
Config Sections
Group Servers
Install Name 11111111111er.exe
FTP Server ftp.ftpserver.com
Domain9 :0
Version 2.9
Mutex --((Mutex))--
HKLM KLM
Domain3 :0
Domain2 :0
Domain1 aamm11555.ddns.net:55553
Domain7 :0
Domain6 :0
Domain5 :0
Domain4 :0
Install Dir InstallDir
Domain19 :0
Domain18 :0
Custom Reg Key HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTP Password
Domain15 :0
Domain14 :0
Domain13 :0
Domain12 :0
Domain11 :0
Domain10 :0
Injection %DEFAULTBROWSER%
FTP Folder
Custom Reg Value
ID Server
Domain20 :0
FTP UserName ftpuser
Custom Reg Name HKCU
Domain17 :0
Domain8 :0
Domain16 :0
ActiveX Key {QE5EW30V-GJGL-01X5-E5DP-4T535J1I117M}
HKCU HKCU
VirusTotal

61 out of 70 AVs identified the sample as malicious

Virus Total Report

Domain Data
Domain IP Country Code
Geo Location
Yara Rules