xtremerat | 9880dbbdcc0666afe7bb623d808f956902afd83fbb38c07e2e5a513dca705762 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9880dbbdcc0666afe7bb623d808f956902afd83fbb38c07e2e5a513dca705762
Size

100KB
MD5

329b4739b7ca8951652b07c7be8b53b3
SHA1

c362fa327a8117218c995170a80cbc0b0bb658b9
SHA256

9880dbbdcc0666afe7bb623d808f956902afd83fbb38c07e2e5a513dca705762
SHA512

080e06a10ed259183335bedf44db14b40ecfaa52c300ca389558b38c1cc9489505d4f25213c9988523bc81bc4ea33868a39eb6785f9c79c6a38a94d01cb63059
SSDEEP

768:jBr+tjFqTPkAlfztB1lr6an3smTA8uvm2tbCnA12zo8m7DC3hMMHWTk:NyRUHlrL1lr6an3TLuvm2dSo8T

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

9880dbbdcc0666afe7bb623d808f956902afd83fbb38c07e2e5a513dca705762
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.MPRESS1
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE