General
-
Target
22a2b110e561bb5155cc85793d232ba9750aea25a4a9480a835e1fdd840d251d
-
Size
112KB
-
Sample
220612-e6zx2aeecl
-
MD5
019d195f5349e3824a4cfae7443da9d9
-
SHA1
3e3839f4b03dc7e1b1eaa7709bd586b967906471
-
SHA256
22a2b110e561bb5155cc85793d232ba9750aea25a4a9480a835e1fdd840d251d
-
SHA512
d8dcfede2b4501723e4c218e0945b9ff36d6f4613b3a62d3180a8e1ef0d19906ce3ae7424dd8d5552cad8d33ca01863f8f8e30e1d29c0a9244f570b7706c2995
Behavioral task
behavioral1
Sample
22a2b110e561bb5155cc85793d232ba9750aea25a4a9480a835e1fdd840d251d.exe
Resource
win7-20220414-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
Targets
-
-
Target
22a2b110e561bb5155cc85793d232ba9750aea25a4a9480a835e1fdd840d251d
-
Size
112KB
-
MD5
019d195f5349e3824a4cfae7443da9d9
-
SHA1
3e3839f4b03dc7e1b1eaa7709bd586b967906471
-
SHA256
22a2b110e561bb5155cc85793d232ba9750aea25a4a9480a835e1fdd840d251d
-
SHA512
d8dcfede2b4501723e4c218e0945b9ff36d6f4613b3a62d3180a8e1ef0d19906ce3ae7424dd8d5552cad8d33ca01863f8f8e30e1d29c0a9244f570b7706c2995
-
Detect XtremeRAT Payload
-
Modifies firewall policy service
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-