General
-
Target
82d7d99c4fba793eb397ca6e0a8c5e35
-
Size
668KB
-
Sample
240130-3cnvnsfbg7
-
MD5
82d7d99c4fba793eb397ca6e0a8c5e35
-
SHA1
5a8782df89671b983d267c6c24de8f5ca964cb54
-
SHA256
872edc4c58c1375cc1555d0aa9045ff1ed5f0f37bbe3b2fa7c3bc2995f8016ca
-
SHA512
9f257d5aba777750a2f41e536e7b37499dc99b0939a69b8e5f5f17049eb3ce0b3e97fbda3769caa872860b7e497824ab879414f22af84c2b8cfbe52e08fdd87f
-
SSDEEP
1536:99YX/XB6CXr7w484Ve4mUWv+xAR9zz+JGl7w49XgXB6iX:sPRF77P3me493nl7P9wRl
Static task
static1
Behavioral task
behavioral1
Sample
82d7d99c4fba793eb397ca6e0a8c5e35.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
82d7d99c4fba793eb397ca6e0a8c5e35.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
xtremerat
z2a.no-ip.info
Targets
-
-
Target
82d7d99c4fba793eb397ca6e0a8c5e35
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-