General
-
Target
77986987ca5c88b1ff74d38421ca3337
-
Size
172KB
-
Sample
240126-rrv2raffc9
-
MD5
77986987ca5c88b1ff74d38421ca3337
-
SHA1
695305054d159bf5bfb15ef325ddf1a61369df69
-
SHA256
d2a33a51a40ad2791f3f673092b00fc219e960db0684a61e9d507914164341c3
-
SHA512
fe3ef512661926f3ed7f20b32336907103629fc85c8528c4f450545b7bf44f8b1cf48a1103567e04307a76a841811e76a6e8eb12e440585cac0ff0939a47c981
-
SSDEEP
1536:91/yguAiQS7MR+oXiJqAIi2976EFe8E+wrCPGY2dfA9+A6nOwdfKvSpqB+pE0gzy:jfiQD0JI7/Fpune+A7wt0SpqB+g3RQ
Static task
static1
Behavioral task
behavioral1
Sample
77986987ca5c88b1ff74d38421ca3337.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
77986987ca5c88b1ff74d38421ca3337.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
xtremerat
mrjoo.no-ip.info
Targets
Target
77986987ca5c88b1ff74d38421ca3337
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-