General
-
Target
b9515848ce8e78a2880f638e6681a83b5829b38cd47d1d1b2597ea02122d7328
-
Size
117KB
-
Sample
221201-kz39rscg66
-
MD5
3b77048ba1a9cccce18316769a308ff3
-
SHA1
8d0e49e2f2eb58bc90180015766e9082b63e322f
-
SHA256
b9515848ce8e78a2880f638e6681a83b5829b38cd47d1d1b2597ea02122d7328
-
SHA512
b43741e24b8b72eb5ccd82758fbf05eab8777e4e5d2165cb0891881c17fa36eb0b212619e8c1f769937341a49b16b94593ae63e9d2f3eb3b1512db5443192407
-
SSDEEP
3072:BYO2omzJeP4teP4Wot50zfJ8aGeb3p1Nfj:BYFzZlWJ5b3pHfj
Static task
static1
Behavioral task
behavioral1
Sample
b9515848ce8e78a2880f638e6681a83b5829b38cd47d1d1b2597ea02122d7328.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b9515848ce8e78a2880f638e6681a83b5829b38cd47d1d1b2597ea02122d7328.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
b9515848ce8e78a2880f638e6681a83b5829b38cd47d1d1b2597ea02122d7328
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-