General

  • Target: b25e145d8cf5ad69bd6c02e228ca6e69
  • Size: 64KB
  • Sample: 240304-rwwh3sdf29
  • MD5: b25e145d8cf5ad69bd6c02e228ca6e69
  • SHA1: 758ec47ad04f071545da1130ad6def57b7c480ae
  • SHA256: eb572eb1f12014fa629475a0fb45a3068fd65f47e1316434bdede5600a2f66f0
  • SHA512: 0dc452e3b81a0bdfe8df35a828b66a3f08608d01e5890cf7c493efe78c7e0c6f97732e059d4cb63878a88d3e5c2baf1ad743b2c28f05ad40ed92b2ca82fbd0be
  • SSDEEP: 768:9yRLxGVDw6rZD4i8974gh3kjGJcib7nrDJWR7iEDwQJRAkdszDOiaLhHG/:A6w6Vki8974gzcivJZaRFdsuJLhm/

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks