General
-
Target
77256de52c8ab33746eebd2a6a9fcbd0
-
Size
413KB
-
Sample
240126-mrvc1adban
-
MD5
77256de52c8ab33746eebd2a6a9fcbd0
-
SHA1
80bdea34832c6b32e411f2263f1a59f0965ca686
-
SHA256
1352e3cf7083aaa7ad6fb1afe73ee2263861bc71e239d117a6c0579e91b6d58d
-
SHA512
61cbfc4a9d14ae562bdc4e87f5b4f298679ce2db17e0493da8edd3d3864d650d712cac35e315f33f2be95181ff8fba31460acfaa292d286cafa01466c1cd7437
-
SSDEEP
3072:ayRhFjjGBi3VjbYd8MUhYYYVYhYYYO7cdmuGehBi3VjbYd8MUhYYYVYhYYYO7cd4:1XFjjHJ9MUsdiJ9MUsdGbgWV
Behavioral task
behavioral1
Sample
77256de52c8ab33746eebd2a6a9fcbd0.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
77256de52c8ab33746eebd2a6a9fcbd0.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
xtremerat
hdohdo.no-ip.biz
Targets
-
-
Target
77256de52c8ab33746eebd2a6a9fcbd0
-
Size
413KB
-
MD5
77256de52c8ab33746eebd2a6a9fcbd0
-
SHA1
80bdea34832c6b32e411f2263f1a59f0965ca686
-
SHA256
1352e3cf7083aaa7ad6fb1afe73ee2263861bc71e239d117a6c0579e91b6d58d
-
SHA512
61cbfc4a9d14ae562bdc4e87f5b4f298679ce2db17e0493da8edd3d3864d650d712cac35e315f33f2be95181ff8fba31460acfaa292d286cafa01466c1cd7437
-
SSDEEP
3072:ayRhFjjGBi3VjbYd8MUhYYYVYhYYYO7cdmuGehBi3VjbYd8MUhYYYVYhYYYO7cd4:1XFjjHJ9MUsdiJ9MUsdGbgWV
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-