General
-
Target
da18578c8c36331abda19046836cb920
-
Size
537KB
-
Sample
240320-3dh1tadh27
-
MD5
da18578c8c36331abda19046836cb920
-
SHA1
226ec66e74ae962c22749728e76452ada69cc75e
-
SHA256
54b04010cd48ead7b8d3843933f2c9d886e2d9026ee3647bd8d79375c92db417
-
SHA512
d896e692cede79aad3686b53d4355b8f2a0a4b0a1820040b307fd98819948c5993232d66cd41e05d927449a5a7a6f28e0b1d3a826404c9358c80d3013a0b08a9
-
SSDEEP
3072:edOf+jPSdZiTkJY2dR+ut3+lf0y88e9kMFhvPqTnrFx3r3NG4dz3ySOns6r4iqFR:ewM6iPnT7A1J9Zqw4
Static task
static1
Behavioral task
behavioral1
Sample
da18578c8c36331abda19046836cb920.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
da18578c8c36331abda19046836cb920.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
xtremerat
katrena1986.no-ip.biz
Targets
-
-
Target
da18578c8c36331abda19046836cb920
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-