General
-
Target
821e4c194c721f6f40b6a63b71229677
-
Size
524KB
-
Sample
240130-lsmtwaehcj
-
MD5
821e4c194c721f6f40b6a63b71229677
-
SHA1
38a1eb80a5c8f32c6bb56402e5d31b357c5f648d
-
SHA256
b95a5e2ae5653e4de504a1d230857b40b1c251c5b832057a3f3ac67ec4cdb408
-
SHA512
e258c243ee8ac819ae0df8c98a1b54e416a5f1387db2402e3467d6b5c5b0135c39cd15a9486413ac5139b23b0a7a0d0893111cbc492395f362ead4aef85ee4df
-
SSDEEP
12288:UK3D4laljl9uZ9QWAx2NwX1itI8qT3ABt2tW3OKFHE4PA7n:7VVQ6x2GaI8eIR3OKtE4P
Static task
static1
Behavioral task
behavioral1
Sample
821e4c194c721f6f40b6a63b71229677.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
821e4c194c721f6f40b6a63b71229677.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
xtremerat
keohack.no-ip.biz
Targets
-
-
Target
821e4c194c721f6f40b6a63b71229677
-
Size
524KB
-
MD5
821e4c194c721f6f40b6a63b71229677
-
SHA1
38a1eb80a5c8f32c6bb56402e5d31b357c5f648d
-
SHA256
b95a5e2ae5653e4de504a1d230857b40b1c251c5b832057a3f3ac67ec4cdb408
-
SHA512
e258c243ee8ac819ae0df8c98a1b54e416a5f1387db2402e3467d6b5c5b0135c39cd15a9486413ac5139b23b0a7a0d0893111cbc492395f362ead4aef85ee4df
-
SSDEEP
12288:UK3D4laljl9uZ9QWAx2NwX1itI8qT3ABt2tW3OKFHE4PA7n:7VVQ6x2GaI8eIR3OKtE4P
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-