General
-
Target
9046f5b04eb364799ad349a6bb448f39
-
Size
71KB
-
Sample
240204-11fg4adgfk
-
MD5
9046f5b04eb364799ad349a6bb448f39
-
SHA1
8c87fc5d92592e81aab7f2d90295f6be444f9c88
-
SHA256
97812441db77dfffa5933c69be126f7a456d5f28c453ff9f01e987b91469968d
-
SHA512
9eceedc689692c71b6a14af82ec0e806d991c4dd3db63d4cbc0e6796589bebfa7515c7a37f6d1837527b30eb73cb1e4dda973fe4f2bd74488fee687b06a5d630
-
SSDEEP
1536:9Tyu7Y6MqJjT0Nekm+OEcR1idVwCHupGVeOQg52e+lTFzy:8CY8TcekmTR1iwCHOiU5
Behavioral task
behavioral1
Sample
9046f5b04eb364799ad349a6bb448f39.exe
Resource
win7-20231215-en
Malware Config
Extracted
xtremerat
2011.no-ip.biz
bad.no-ip.biz
Targets
-
Detect XtremeRAT payload
-
Modifies firewall policy service
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-