General
-
Target
b533b101db6fb2b5287f60f55aa15986
-
Size
436KB
-
Sample
240305-vjdpaabg3z
-
MD5
b533b101db6fb2b5287f60f55aa15986
-
SHA1
8fd603e55fd58163051c9a624bcc9c9060de84b0
-
SHA256
2730eb30a809152b323077c2c522fb63b6f9a55c245b9031d4c6f85dece6c41b
-
SHA512
4f344366aa706659daf7027b385e27960206e884a62c27f702e4a3e9270388bc8768c42195f1e8c31bebdd37f8f1748a770f3d00a72c90604dbb5dcd14811218
-
SSDEEP
12288:7jkArEN249AyE/rbaMct4bO2/VqraBAyayg:wFE//Tct4bOssraBAyayg
Behavioral task
behavioral1
Sample
b533b101db6fb2b5287f60f55aa15986.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b533b101db6fb2b5287f60f55aa15986.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
xtremerat
123vivalgerie.no-ip.biz
ƶallgeriaa.zapto.org
getdesktoppreviewinfo|130mahdidi.zapto.org
ƶ123vivalgerie.no-ip.biz
Targets
-
-
Target
b533b101db6fb2b5287f60f55aa15986
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-