Details
FileName
Malware Family Xtreme
Date Added 2016-02-07 22:12:45
MD5 ed89ff53fe4e3034a531488e95bc3580
Sha256 0705d6526b8820b6b8d29e73f5423059f089bc176a4b816a95dc7116f3b7d39e
C2 Data
Domain3 :0
Injection svchost.exe
FTP Server ftp.ftpserver.com
Group Servers
Domain2 :0
ID Server
Version 3.6 Private
Msg Box Title Error
Mutex ((Yahoo))
HKCU HKCU
ActiveX Key {5460C4DF-B266-909E-CB58-E32B79832EB2}
FTP Password ftppass
Domain4 :0
Install Name xml.exe
Msg Box Text An unexpected error occurred when starting the program.
Install Dir wbem
Domain1 127.0.0.1:81
Domain5 :0
FTP UserName
HKLM HKLM
FTP Folder
Virustotal

50 out of 53 AV Engines identified the sample as Malicious.

Virustotal Report

C2 Information
Domain FQDN IP Country Code
serveftp.com georgea.serveftp.com 0.0.0.0 0