Extracted

• • Target

    bf36c2a47a4812d8750ff2c47c6a59438bfeeb1da615ce1653bdcc8d78f0bc22

  • Size

    21KB

  • MD5

    62409100d5b06decd839951c6bc1a9d5

  • SHA1

    274fcf37a2245e0fe4ce38fb267cee0a4bab4e16

  • SHA256

    bf36c2a47a4812d8750ff2c47c6a59438bfeeb1da615ce1653bdcc8d78f0bc22

  • SHA512

    d079fba24d686eb24d34c0ff047aad84da030202b7378a1556c75a2d2d25e5be686628ecfca0da6b5239ad48a53390b792052bb341d2a4f9cb8d46a07cdf9ed3

  • SSDEEP

    384:LIdmF+TH95xJMu/0PlxjV8BINhuLJ37tMOpuqqz3KK7eIVmiTgL8dYsbbZxEXMEw:LIsF8HdbKjV8BX7Vy6K7eIVTTgQdYkky

  Score

  10^/10

  xtremeratpersistenceratspywareupx

  • Detect XtremeRAT payload

  • XtremeRAT

    The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    persistencespywareratxtremerat

  • Modifies Installed Components in the registry

    persistence

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Adds Run key to start application

    persistence
  behavioral1behavioral2