General
-
Target
4d7f3870071e450590b8ab583d40cf04a426d632caf22dbb2fa1d85189edf8d6
-
Size
482KB
-
Sample
220712-dbhjtsfhap
-
MD5
03b0ffda898e3430a3c8de526428817a
-
SHA1
970b5dd7cc463d663d91749825af7e474fe55eab
-
SHA256
4d7f3870071e450590b8ab583d40cf04a426d632caf22dbb2fa1d85189edf8d6
-
SHA512
142ea5b3bcdbf8c375d71f5a6c4ab1fc710540547cb9922bdc29fd9d597cd171aea920ef1f6b953ded08c08db4a0914739a19704d9316e9dd04860640fd1698c
Static task
static1
Behavioral task
behavioral1
Sample
4d7f3870071e450590b8ab583d40cf04a426d632caf22dbb2fa1d85189edf8d6.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
4d7f3870071e450590b8ab583d40cf04a426d632caf22dbb2fa1d85189edf8d6
-
Size
482KB
-
MD5
03b0ffda898e3430a3c8de526428817a
-
SHA1
970b5dd7cc463d663d91749825af7e474fe55eab
-
SHA256
4d7f3870071e450590b8ab583d40cf04a426d632caf22dbb2fa1d85189edf8d6
-
SHA512
142ea5b3bcdbf8c375d71f5a6c4ab1fc710540547cb9922bdc29fd9d597cd171aea920ef1f6b953ded08c08db4a0914739a19704d9316e9dd04860640fd1698c
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-