Details
FileName | |
---|---|
Malware Family | Xtreme |
Date Added | 2016-01-26 03:00:03 |
MD5 | da02a133f79ca1f8b2867d44f41cac0f |
Sha256 | c8d0704e12e2764fe7c688b57738929ca1dae6a186320781d8231a341fdc5196 |
Config Data
Install Dir | |
---|---|
FTP Server | ftp.ftpserver.com |
Domain18 | :0 |
Domain2 | :0 |
Custom Reg Value | s! |
Domain15 | :0 |
Domain8 | :0 |
Custom Reg Key | HKCU\Software\Microsoft\Windows\CurrentVersion\Run |
Domain3 | :0 |
Domain17 | :0 |
Domain5 | :0 |
Domain1 | beloved.no-ip.biz:1122 |
Domain9 | :0 |
Domain13 | :0 |
HKLM | KLM |
FTP Folder | |
Domain6 | :0 |
Domain12 | :0 |
Custom Reg Name | HKCU |
ActiveX Key | {5460C4DF-B266-909E-CB58-E32B79832EB2} |
Injection | %DEFAULTBROWSER% |
Domain14 | :0 |
Group | Servers |
Domain19 | :0 |
Install Name | cdm.exe |
Domain20 | :0 |
Version | 2.9 |
Mutex | --((Mutex))-- |
HKCU | HKCU |
FTP Password | |
Domain10 | :0 |
Domain11 | :0 |
ID | Server |
Domain16 | :0 |
FTP UserName | ftpuser |
Domain4 | :0 |
Domain7 | :0 |
VirusTotal
45 out of 53 AV engines identified the sample as malicious.