General
-
Target
bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39
-
Size
21KB
-
Sample
221122-y1f3hsff72
-
MD5
4b55412a1a5fd0e238578068d41d7012
-
SHA1
20156b4f5fa96870c7649fb510008f0e7e13fc8e
-
SHA256
bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39
-
SHA512
8c3fb507fcdd722509614b89bdbe74f832b5d5c039a0c14cbe1bc98cd1ba0e5b98917b7448fda10c36bdc5789d7c19b7799e560fd861b1a109b22d767e94b439
-
SSDEEP
384:jIdmF+TH95xJMu/0PlxjV8BINhuLJ37tMOpuqqz3KK7eIVmiW6d6bt/JaRgVpLR:jIsF8HdbKjV8BX7Vy6K7eIVTW6dOtkOp
Behavioral task
behavioral1
Sample
bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Modifies Installed Components in the registry
-
Deletes itself
-
Adds Run key to start application
-