xtremerat | d046b4ea0b4db978523ca1d819669bae70cc5ba408c7ee78ea8da3a30928c4bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d046b4ea0b4db978523ca1d819669bae70cc5ba408c7ee78ea8da3a30928c4bb
Size

45KB
MD5

38e5383597352e41acd197381dd9ba2f
SHA1

1e5544b96401fedcf9dc4b0eebd653d300927e3a
SHA256

d046b4ea0b4db978523ca1d819669bae70cc5ba408c7ee78ea8da3a30928c4bb
SHA512

6a66f686613e0048ea23abe1c60e9077180d20f7b23a5c0fd96e834956091be44c4e0ec2e20a732e08eef83ee9bdcdfb6cdc596558cc7044affca05d6c117507
SSDEEP

768:9Br+tjFY90iY6W1jXmDzKgEFQXpklMIAnH8hwfOgw08Azo5J:jyRh31jiPEFQXpk+H84blo5J

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

d046b4ea0b4db978523ca1d819669bae70cc5ba408c7ee78ea8da3a30928c4bb
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ