General
-
Target
8e713951bf6e96ec42039da5466b865731cacc52a4265773ba68d25fe26621a9
-
Size
45KB
-
Sample
221122-y1akqsbb2x
-
MD5
36210ddf15588f34f84eda662ebf7948
-
SHA1
32b34e6e888c047df8aa7bba87441f33664800de
-
SHA256
8e713951bf6e96ec42039da5466b865731cacc52a4265773ba68d25fe26621a9
-
SHA512
11f05b7d078163559c455d4eca282c86215aef1cf5211d25d6a94a01183b22a59a081fccdcca45907e258f7650b24fb01679b9062437c429dc88dbc2b2377a12
-
SSDEEP
768:9Br+tjFY90iY6W1jwmDzKgEFQXaklMIAnH8hwfOgw0c5zoA:jyRh31jxPEFQXak+H84booA
Behavioral task
behavioral1
Sample
8e713951bf6e96ec42039da5466b865731cacc52a4265773ba68d25fe26621a9.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
8e713951bf6e96ec42039da5466b865731cacc52a4265773ba68d25fe26621a9.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
xtremerat
systeam.ddns.net
Targets
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-