General
Target: 8db6aaad907f51e4a772320bbe0ac0b3
Size: 188KB
Sample: 240204-acn68acha9
MD5: 8db6aaad907f51e4a772320bbe0ac0b3
SHA1: cbf9de9973f8e52c5d000c2afe2d6b91b6192891
SHA256: 2f47ca298551bdf28d51739682701a989de4836223e8c4e6896f6a2a75bc5736
SHA512: c3428550d2edcdc0d365fe91e62bf1908e1909839610dbfc1ed60a434b5a82e6df6030eedd158cf09338aa4de6eeee3a05f5c73778b12453e354e41f185eba06
SSDEEP: 3072:LcY2MnUstI5Ag7O40TqzMwvmjw5emJYSu+RvNgCg5uWKsu7J6hsb:Lv2mt+/7OdThwus5emGSc5uxsu7J6C
Static task: static1
Behavioral task: behavioral1
Sample: 8db6aaad907f51e4a772320bbe0ac0b3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 8db6aaad907f51e4a772320bbe0ac0b3.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
xtremerat
hackerbnc.no-ip.biz
Targets
Target: 8db6aaad907f51e4a772320bbe0ac0b3
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext