General
-
Target
c6a96acfc0d093a8c5090d50c57efebfecf18ccada224ffa8a21c357b118a900N.exe
-
Size
420KB
-
Sample
241205-sxahnszqdx
-
MD5
eb559a01c1db2e84e7b2732b23efa2c0
-
SHA1
b35ad4d355b407cecaf9fe147292a51fa1e18cb9
-
SHA256
c6a96acfc0d093a8c5090d50c57efebfecf18ccada224ffa8a21c357b118a900
-
SHA512
a9771a8d4778eb5e3b3f62fae89f0abcb270264bb59064b2d8855fcc5291983667f53a30d1edaf223208f7225aca50bead28ea04da27687c1966f4ccca6b7de0
-
SSDEEP
6144:4+9hS3kbFRQqzfz7qeEzDSZbFm2A2g2McTrDLKmE:XMkHzfz77b62McTOmE
Static task
static1
Behavioral task
behavioral1
Sample
c6a96acfc0d093a8c5090d50c57efebfecf18ccada224ffa8a21c357b118a900N.exe
Resource
win7-20240903-en
Malware Config
Extracted
xtremerat
sam-of.myq-see.com
Desktopsam-of.publicvm.com
Targets
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Suspicious use of SetThreadContext
-