General
-
Target
8415fa37eb630db0d0663294a6925a58
-
Size
526KB
-
Sample
240131-lpjm2shde8
-
MD5
8415fa37eb630db0d0663294a6925a58
-
SHA1
843fcd503968de01b0a898d877500ab7ba5c1a8c
-
SHA256
01f10db385d50b10de4916783d8e9d187af1deda13d7512f801a8e7773512ac8
-
SHA512
06c08a16dc19c6763b547714b6c1a53379354bb7d8a6503f35cf921db48ed8e8d8912da398cdfba1dcb58ff20887383a8368444e31dadac44465dd9234fa8507
-
SSDEEP
6144:TFYu7hnQk0AKKRuiCPM2JHqF1CyOjFy9MW7TL2EnIgK54IQzeeeL4/o:TThd3RyrJ2CyOJCpIgKKM4g
Behavioral task
behavioral1
Sample
8415fa37eb630db0d0663294a6925a58.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8415fa37eb630db0d0663294a6925a58.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
8415fa37eb630db0d0663294a6925a58
-
Size
526KB
-
MD5
8415fa37eb630db0d0663294a6925a58
-
SHA1
843fcd503968de01b0a898d877500ab7ba5c1a8c
-
SHA256
01f10db385d50b10de4916783d8e9d187af1deda13d7512f801a8e7773512ac8
-
SHA512
06c08a16dc19c6763b547714b6c1a53379354bb7d8a6503f35cf921db48ed8e8d8912da398cdfba1dcb58ff20887383a8368444e31dadac44465dd9234fa8507
-
SSDEEP
6144:TFYu7hnQk0AKKRuiCPM2JHqF1CyOjFy9MW7TL2EnIgK54IQzeeeL4/o:TThd3RyrJ2CyOJCpIgKKM4g
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-