General
-
Target
8f5469a91c469a777b1aa61b3fff945b
-
Size
33KB
-
Sample
240204-rbpvssbdb4
-
MD5
8f5469a91c469a777b1aa61b3fff945b
-
SHA1
f114756cd989c03c0e91840e9b984320165755a2
-
SHA256
ebae9ede81d32c6bcf3af11e09e7bafe00a4dc66a48f3354a84ec117d6f4979e
-
SHA512
8ae6cf009922e12647570d33ac43d3cb017e5b1aa20aeac1eabd27337d710e06ccda6ade926545cb2f4de2cb67126c502b780d50a1de4c0509dfe930e58a8109
-
SSDEEP
768:VMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66l+zIAO9gd0tD:eNW71rcYDAWeotvXl+/S
Behavioral task
behavioral1
Sample
8f5469a91c469a777b1aa61b3fff945b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8f5469a91c469a777b1aa61b3fff945b.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
xtremerat
l7n-alrhel.no-ip.biz
Codejock COM Server Registrl7n-alrhel.no-ip.biz
Targets
Score 10/10
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-