General
-
Target
834f7ce0d80f71d0fcfbe09862151b23
-
Size
227KB
-
Sample
240131-dws63aaff6
-
MD5
834f7ce0d80f71d0fcfbe09862151b23
-
SHA1
632adebc9db71f9114abad45328538f8a28f0162
-
SHA256
7f55d17b76f302e07edbc21096fcf218713b9ad06be597862a17a79ab288b583
-
SHA512
199b3eaa642a2a4a3ab4caa98891d5f0e69e06eaaf8c2dfa7dcda1b9dda7e57d4fb1a0696d3d68d75b6dc3b103ecd4496f8def34c260701fb33562ee1af3080e
-
SSDEEP
6144:h+sgruDIqjEmKpmFJ5eQzG6gjvkZMPu1ZcOFtym:NMuZba+QDjsZMVOFtym
Static task
static1
Behavioral task
behavioral1
Sample
834f7ce0d80f71d0fcfbe09862151b23.exe
Resource
win7-20231215-en
Malware Config
Extracted
xtremerat
hackerbnc.no-ip.biz
Targets
-
-
Target
834f7ce0d80f71d0fcfbe09862151b23
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-