xtremerat | 0619136fb281208fdbe6616406cf709a1336233c164b8d8cdf7098bf0f3f5c06 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0619136fb281208fdbe6616406cf709a1336233c164b8d8cdf7098bf0f3f5c06
Size

44KB
MD5

02c3d46a63504e7f7874ea8f8168cd80
SHA1

aa83f564057fb7b98654a244bb8cd87aeca2ec18
SHA256

0619136fb281208fdbe6616406cf709a1336233c164b8d8cdf7098bf0f3f5c06
SHA512

6fb76e8dffb318d96b07bb784ee4f0e02401c58418abe5b4f9cf95e9004e9f46ac753b61524f240d837f2d8d7356b792d94f95eae9388004360138fa730e541f
SSDEEP

768:rBr+tjFqTPkAljztB1lr6an3smTA8uvm2DfOTwYPI2zo+E:FyRUHl/L1lr6an3TLuvm2buQqo+E

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

0619136fb281208fdbe6616406cf709a1336233c164b8d8cdf7098bf0f3f5c06
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ