General
-
Target
776335ba6b26f60bd0ff0a9bc860663c
-
Size
81KB
-
Sample
240126-px92rafcbn
-
MD5
776335ba6b26f60bd0ff0a9bc860663c
-
SHA1
613ce7eb607ee5afaccf2a833acc994b2b029295
-
SHA256
9feb6fefdb1d75a81fe8d5ff14250afb670f00357adc6d1e1333276e2fd5361a
-
SHA512
acb4af8187eafe76cc36b06c01525a92a1e5d534a8c640f6b002e6c5b2c6f8a60725b349559d8f12a75ef58f261e93b402d7cd503e5e16e51e599669e62e2823
-
SSDEEP
1536:3s4QfQijHU2CkvfFn93acBNRnpYFwdK6/pVg7kcV:3axwjsn3a6NgFMKYmfV
Static task
static1
Behavioral task
behavioral1
Sample
776335ba6b26f60bd0ff0a9bc860663c.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
776335ba6b26f60bd0ff0a9bc860663c.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
xtremerat
mido007.no-ip.biz
Targets
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-