General
-
Target
757f07a92c2575083465397f3deae51f1076e046c788ac511f36f18b56190b13
-
Size
19.0MB
-
Sample
221122-zjcjfabg9x
-
MD5
cb048b97fcf53ee570d48ee1c45add87
-
SHA1
f44c8962aaf0f12f9655137c1b8e22dcf7237128
-
SHA256
757f07a92c2575083465397f3deae51f1076e046c788ac511f36f18b56190b13
-
SHA512
2efc2a73bdd4aacfdd4d8cd75bb1ddcacc27768b96a6561988f36fbdbcc02b6b2cbc834e86c2c7139f38c0ecbae826dd4e96d229534d82d0b23f7f2367a78df5
-
SSDEEP
3072:iExBEUC/nfj/FwAfFP5RPvaiTX1A1sD8RzMtTU:an7FtftnXYA8RzETU
Static task
static1
Behavioral task
behavioral1
Sample
757f07a92c2575083465397f3deae51f1076e046c788ac511f36f18b56190b13.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
757f07a92c2575083465397f3deae51f1076e046c788ac511f36f18b56190b13.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
xtremerat
microsoftupdate.dlinkddns.com
Targets
-
-
Target
757f07a92c2575083465397f3deae51f1076e046c788ac511f36f18b56190b13
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-