xtremerat | c7ea1679ad201387f6155872f19983440263a68103038e3946e47aca8da00d96 | Triage

Sharing

General

Target

c7ea1679ad201387f6155872f19983440263a68103038e3946e47aca8da00d96
Size

64KB
MD5

4cdbdb022801345d08ca551382823bb7
SHA1

7f5d7104c5fa7aff0dfa19d4a9ed1b875447a90f
SHA256

c7ea1679ad201387f6155872f19983440263a68103038e3946e47aca8da00d96
SHA512

66c2b40a173e5ab05a4454943a873ae7dbe9743acde2a69c726de86666250bdbe3e8e347e05a2d38f899242fe624aef8316f6c1e5217535dd9f34452b23bc1fb
SSDEEP

768:j8m1Sq4NQErBsH1tzoisBKQI6dObAG/dqOXHsoAx5JXrUq/6Y7C+KnA+7PoNw8fA:bsq+QV4rObAdNoAf5UqyYe/ArNw8bo7T

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Files

c7ea1679ad201387f6155872f19983440263a68103038e3946e47aca8da00d96
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 208KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ