xtremerat | cbf46973fb6239a58fd03f472ad7c1bbf218cad7be2e23904b711ffaa7511825 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbf46973fb6239a58fd03f472ad7c1bbf218cad7be2e23904b711ffaa7511825
Size

61KB
MD5

416cc70e2981b0e5ca9d6880b8f9b973
SHA1

94e9ce59f33c22b5d37e6b3700f72f31ce446339
SHA256

cbf46973fb6239a58fd03f472ad7c1bbf218cad7be2e23904b711ffaa7511825
SHA512

e1b5559fd62e3c7feacfad5f530ae224bace02ce21dbed601ae7a5922e12eb24f28513d85f9e9c91e8c5f2f029304181202bd19193bce1b64f364455a9bf55f9
SSDEEP

1536:pT8qDqQ8K9MKhuiUMKgP2koJ0w8tl5NX5V:tqMyKQLKw8/D

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

cbf46973fb6239a58fd03f472ad7c1bbf218cad7be2e23904b711ffaa7511825
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 203KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ