xtremerat | 552be2e02d1414c7a5496c07fdbfd40d7ab6c5d50df55c93c468c7607b30c6a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

552be2e02d1414c7a5496c07fdbfd40d7ab6c5d50df55c93c468c7607b30c6a1
Size

1.4MB
MD5

0ad1c1a7b3f5e3dbfb59b915100f07d0
SHA1

1de1bb1d33f4f5fd5285bdcc45f2dee1b66cbb1e
SHA256

552be2e02d1414c7a5496c07fdbfd40d7ab6c5d50df55c93c468c7607b30c6a1
SHA512

b1211c7c184616dad192e9ec9e0a98b1c0787d5c1c0ea719ed139b532ba01a88be0f09eabaf309e2631a19c52b83aa8c1613ed139954c83b26a7b76743ef57ea
SSDEEP

24576:EgjKBCYKfXqfZSydY+vVKKzXeXET0MeFslsd4o:EgjfX4SQVKK7eXET0MeFs+Oo

Score

10^/10

xtremerat cybergate

Malware Config

Signatures

Cybergate family
cybergate

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

552be2e02d1414c7a5496c07fdbfd40d7ab6c5d50df55c93c468c7607b30c6a1
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 933KB - Virtual size: 933KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ