Details
FileName:
Malware Family: Xtreme
Date Added: 2019-03-06 06:25:21
MD5: abf4782fc6deb4ad39d1647341f942ed
Sha256: 4327b3a352a326a0171d4fb8d748096343c49085bd6268fe2a69089acdcaa85d
C2 Data
HKCU: windows
ActiveX Key: {5460C4DF-B266-909E-CB58-E32B79832EB2}
Injection: winlogon.exe
FTP Server: ftp.ftpserver.com
Group: Servers
Domain2: :0
Version: 3.1
Msg Box Title: Erro
Mutex: ((Mutex))
ID: Server
Domain3: :0
FTP Password: ftppass
Domain4: :0
Install Name: csrss.exe
Msg Box Text: Ocorreu um erro inesperado ao iniciar o programa.
Install Dir: Windows
Domain1: 187.115.240.135:6000
Domain5: :0
FTP UserName: ftpuser
HKLM: atualizar
FTP Folder:
Virustotal

62 out of 70 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain | FQDN | IP | Country Code
ddns.net | cometdb.ddns.net | 128.199.50.200 | SG