6d72a0d187d50600844cd0c1cfd7fe11910f465f1c7f8587a924678fa608de6c | Triage

Submit
Reports

Overview

overview

Static

static

6d72a0d187...6c.exe

windows7-x64

6d72a0d187...6c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6d72a0d187d50600844cd0c1cfd7fe11910f465f1c7f8587a924678fa608de6c.exe

Resource

win7-20221111-en

xtremerat evasion persistence rat spyware

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

6d72a0d187d50600844cd0c1cfd7fe11910f465f1c7f8587a924678fa608de6c.exe

Resource

win10v2004-20220812-en

xtremerat evasion persistence rat spyware

windows10-2004-x64

12 signatures

150 seconds

General

Target

6d72a0d187d50600844cd0c1cfd7fe11910f465f1c7f8587a924678fa608de6c
Size

946KB
MD5

d040e95bbffdd74dcec21f280d0be7cb
SHA1

dd8d76e8154fb75bb6861f6f6f12c77f53855bb1
SHA256

6d72a0d187d50600844cd0c1cfd7fe11910f465f1c7f8587a924678fa608de6c
SHA512

5f950c54efa4c4464992edb8c50fa2afb21f19910572aa62ab7e5f980878a55add589d592e3750d3d8ae217690b4f0e7de07f758057c9cbd1c6de876b0c7ba79
SSDEEP

12288:wmF/SJR93JuOuOBbnkF324v3MgzSO0Mrh2K+SSjba1nctKJSN3qJF8aX8Hwikd5v:w4fKbq2guOLrIKKHMncYJos/X8Qi4

Score

N/A

Malware Config

Signatures

Files

6d72a0d187d50600844cd0c1cfd7fe11910f465f1c7f8587a924678fa608de6c
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 47KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zvwyvveq
Size: 839KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ecdrrtfk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy