General
-
Target
8eb357b2027d8f8562c432411967d1f0
-
Size
316KB
-
Sample
240204-khsfyadea3
-
MD5
8eb357b2027d8f8562c432411967d1f0
-
SHA1
df26f4f054b055ee07bda9d009db22b0b85df845
-
SHA256
dae55d1a80a83d50d4f9c03d2eb4e610ead081924baec736cef4d894bb7eaec9
-
SHA512
b4326bf10d207c1bfeacc098cd710d9637af2e3e2df35b57b7bde40b83ca795d3479a9b54b0bdb8c651195b2f84f9dfb1f68b2685429d048b74955a74698e73b
-
SSDEEP
1536:aYoUrxSEGfUWwdVPZZRRsoDJIArHcC7QRK4KtWfWMnrH91WqLkK:2Ur/GfUtZZvJNHERPffp1Wik
Static task
static1
Behavioral task
behavioral1
Sample
8eb357b2027d8f8562c432411967d1f0.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8eb357b2027d8f8562c432411967d1f0.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
xtremerat
becha.no-ip.biz
Targets
-
-
Target
8eb357b2027d8f8562c432411967d1f0
-
Size
316KB
-
MD5
8eb357b2027d8f8562c432411967d1f0
-
SHA1
df26f4f054b055ee07bda9d009db22b0b85df845
-
SHA256
dae55d1a80a83d50d4f9c03d2eb4e610ead081924baec736cef4d894bb7eaec9
-
SHA512
b4326bf10d207c1bfeacc098cd710d9637af2e3e2df35b57b7bde40b83ca795d3479a9b54b0bdb8c651195b2f84f9dfb1f68b2685429d048b74955a74698e73b
-
SSDEEP
1536:aYoUrxSEGfUWwdVPZZRRsoDJIArHcC7QRK4KtWfWMnrH91WqLkK:2Ur/GfUtZZvJNHERPffp1Wik
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-