General
Target: 4c24336780f386be455a048edb0ace3a989288274ebb564ef2970db44498982fN.exe
Size: 125KB
Sample: 241217-3c151asld1
MD5: f6b3f4d4c878f05f873fd8ef54df4cf0
SHA1: 79eb685414b1323f9e9f49f336117e2d4271b13f
SHA256: 4c24336780f386be455a048edb0ace3a989288274ebb564ef2970db44498982f
SHA512: dd1e2035ae2d36907dfbc1799006df75f534e40f35c20fd5c27eb2ef46d143676558a770916a2f595d8f7fa3e308f4ce6605e04b098a408a37f0a5ae8302cf60
SSDEEP: 3072:d0PpDmmBFH6d23ggFLnfDtcwZp6tZ1krgQte0pXN:EFaFghpcwZp6Bk0Q13
Static task
static1
Behavioral task
behavioral1
Sample
4c24336780f386be455a048edb0ace3a989288274ebb564ef2970db44498982fN.exe
Resource
win7-20240903-en
Malware Config
Extracted
xtremerat
alnmroood.zapto.org
Targets
Target
4c24336780f386be455a048edb0ace3a989288274ebb564ef2970db44498982fN.exe
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Suspicious use of SetThreadContext
-