General
-
Target
a446958342327d51ee0eed7646d0f82f
-
Size
436KB
-
Sample
240225-t75x1aha5x
-
MD5
a446958342327d51ee0eed7646d0f82f
-
SHA1
b08b30e871e00583837ff142061f7522869b8bbe
-
SHA256
bb266fe380c6e0207abf4a41bcb92916d6bf5b31fad084356269b74ef1c69a4c
-
SHA512
bd1c23ffa817c076d847d279c428697fe0f792c94423dd40621254448844ed72a5877bb6f5269520b3e8cff78343a7e3a2cfecac03ee59ba66b84f3eae1e4229
-
SSDEEP
12288:7jkArEN249AyE/rbaMct4bO2/VqraB3yOyz:wFE//Tct4bOssraB3yOyz
Behavioral task
behavioral1
Sample
a446958342327d51ee0eed7646d0f82f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a446958342327d51ee0eed7646d0f82f.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
xtremerat
123vivalgerie.no-ip.biz
ƶallgeriaa.zapto.org
getdesktoppreviewinfo|130mahdidi.zapto.org
ƶ123vivalgerie.no-ip.biz
Targets
-
-
Target
a446958342327d51ee0eed7646d0f82f
-
Size
436KB
-
MD5
a446958342327d51ee0eed7646d0f82f
-
SHA1
b08b30e871e00583837ff142061f7522869b8bbe
-
SHA256
bb266fe380c6e0207abf4a41bcb92916d6bf5b31fad084356269b74ef1c69a4c
-
SHA512
bd1c23ffa817c076d847d279c428697fe0f792c94423dd40621254448844ed72a5877bb6f5269520b3e8cff78343a7e3a2cfecac03ee59ba66b84f3eae1e4229
-
SSDEEP
12288:7jkArEN249AyE/rbaMct4bO2/VqraB3yOyz:wFE//Tct4bOssraB3yOyz
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-