General
-
Target
dfebe4574f529119d0b02c367281801c
-
Size
295KB
-
Sample
240326-x6eafadb41
-
MD5
dfebe4574f529119d0b02c367281801c
-
SHA1
82c5060c83f32fdcbfaf30ec4538586933f98c2d
-
SHA256
8c9acfcbdd2acec6be19b8ae5780ce3bc5f9efe08a00c86ffeb00976a0659e79
-
SHA512
38dead17be70cee85415ebfc2247f36f5e6f990e954b014480e307f27ca89e1f4c0b5b8c7cf89a5fa7f204acc5ced61b834beee4a8a167d4bc0734187403b023
-
SSDEEP
6144:tlZ/zUMu4pDSxsCMRzf7x3SfS1JAzXBtL76lscy9kuN2Y:tHLUMuiv9RgfSjAzRty+quwY
Behavioral task
behavioral1
Sample
dfebe4574f529119d0b02c367281801c.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
dfebe4574f529119d0b02c367281801c.exe
Resource
win10v2004-20240319-en
Malware Config
Targets
Target
dfebe4574f529119d0b02c367281801c
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-