xtremerat | dca2b5786038222545f51b84e95f95810f73703d9932c727c73ec0ae7f9f6cf9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dca2b5786038222545f51b84e95f95810f73703d9932c727c73ec0ae7f9f6cf9
Size

54KB
MD5

7817f5530ac45d0e36f4e7b0d2fbd2bc
SHA1

bc0dfac58a1d852d858a029c915275e611e89905
SHA256

dca2b5786038222545f51b84e95f95810f73703d9932c727c73ec0ae7f9f6cf9
SHA512

154f257692bf89ac10580a32d79a53a103f4656c1acfb09b3de78bf9b7a7c993d47e8a6c47e6784cee8753b36caa8fe7fd4782b800c9dd8afd49f2361e003159
SSDEEP

768:5Gsdq7QJTlbUP3EwomeRih8jLlLDhKDSGU2+rD3yAS7HWqKBS+:ksdq7QgP0ZNWb+XvaWF

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

dca2b5786038222545f51b84e95f95810f73703d9932c727c73ec0ae7f9f6cf9
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 203KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ