Details
| Malware Family | Xtreme |
|---|---|
| Date Added | March 23, 2015, 8:29 p.m. |
| MD5 | 8c6ebb1d3188003fed629a976469e90d |
| Sha256 | 1ec75881ab970ab9a170697572dff103e805da1049bf25d32dbeb678ad80ce77 |
| Robot | Robots lovingly delivered by robohash.org |
Config Sections
| InstallName | shh.exe |
|---|---|
| Version | 3.5Private |
| CampaignID | der |
| Domain1 | holiha.boutique123.eu:21194 |
| FTPFolder | |
| FTPPassword | ftppass |
| HKCU | sshh |
| FTPServer | ftp.ftpserver.com |
| MsgBoxTitle | Error |
| Mutex | H4Subh |
| MsgBoxText | Anunexpectederroroccurredwhenstartingtheprogram. |
| HKLM | shh |
| Domain2 | bibilomp.servemp3.com:21195 |
| Domain3 | jojok.servehttp.com:21196 |
| CampaignGroup | job |
| Injection | %DEFAULTBROWSER% |
| Domain4 | 193.37.152.57:21197 |
| InstallDir | shh |
| FTPUserName | |
| Domain5 | :0 |
| ActiveXKey | {0A231734-A43O-420G-IXP7-8L20OP2UI8A0} |
Advertising
VirusTotal
This hash does not exist in virustotal
Domain Data
| Domain | IP | Country Code |
|---|
Geo Location
Yara Rules
Comments