General
-
Target
753fc3fae9a227e12760e8ea5dfbd2af
-
Size
284KB
-
Sample
240125-xg3azaeack
-
MD5
753fc3fae9a227e12760e8ea5dfbd2af
-
SHA1
0251d4b4b63a87abe8784c908f1342a729b6318c
-
SHA256
93a7a8435fc48b8bf29cf34488ae07557f563a457b2eb4909762a2426e189584
-
SHA512
db6e95e7628feccea80a39f033ec3c2e3e8e7f3c290ace9505db058b3d443a31b78170ca8f4762208384b17bdba19cacf49f289253db8371c4894df447d357bd
-
SSDEEP
6144:FAqe9PLfIbTnnGKY20D0wg7oWUY/w2NIAJ0QIOw:FwPLfMTnGKSAV3v+vrZ
Static task
static1
Behavioral task
behavioral1
Sample
753fc3fae9a227e12760e8ea5dfbd2af.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
753fc3fae9a227e12760e8ea5dfbd2af.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
753fc3fae9a227e12760e8ea5dfbd2af
-
Size
284KB
-
MD5
753fc3fae9a227e12760e8ea5dfbd2af
-
SHA1
0251d4b4b63a87abe8784c908f1342a729b6318c
-
SHA256
93a7a8435fc48b8bf29cf34488ae07557f563a457b2eb4909762a2426e189584
-
SHA512
db6e95e7628feccea80a39f033ec3c2e3e8e7f3c290ace9505db058b3d443a31b78170ca8f4762208384b17bdba19cacf49f289253db8371c4894df447d357bd
-
SSDEEP
6144:FAqe9PLfIbTnnGKY20D0wg7oWUY/w2NIAJ0QIOw:FwPLfMTnGKSAV3v+vrZ
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-