General

  • Target

    2bb2c4be0651f02370e5da09829c904eaa193fa0c041f9e3b0820a40cd56b613.exe

  • Size

    309KB

  • MD5

    6d0b197c5b4db07c0a1e434c99144ba9

  • SHA1

    d6f959e7382ee28faa3ed2ea01a02368fc581cec

  • SHA256

    2bb2c4be0651f02370e5da09829c904eaa193fa0c041f9e3b0820a40cd56b613

  • SHA512

    f47613029c8d5888790f8a2eb89a610337c639a71ec91d4798a8c7b6180463e445c0d14cc4fb81ccf237f4679886a7988500734b188ed481dec3aaf3b5ecbb20

  • SSDEEP

    1536:ksq+Q1aZQuIyJp0mgA+FJyHdAEAbLWLY:RY8QoQAEJqsLW

Score
10/10

Malware Config

Extracted

Family

xtremerat

C2

hackercool.zapto.org

Signatures

  • Detect XtremeRAT payload 1 IoCs
  • Xtremerat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2bb2c4be0651f02370e5da09829c904eaa193fa0c041f9e3b0820a40cd56b613.exe
    .exe windows:4 windows x86 arch:x86

    70703a9e547c77f1d24bd30aaa4eebf9


    Headers

    Imports

    Sections