General
Target: 016acb02675faac1bf0c4cd7b31a8037b4c450dde080208c6763d35516d69af2.exe
Size: 897KB
Sample: 250107-a6tzkawmd1
MD5: 223d94df101887dce308a2828bb23027
SHA1: b2d6f1e833524c52653d78e277d6814811622390
SHA256: 016acb02675faac1bf0c4cd7b31a8037b4c450dde080208c6763d35516d69af2
SHA512: 38af35bbc4528a162b51abe67b2af43741e9214c4c1c0abb238cf8d9610427caeb849b4c7fc84b2a7fcd71aa19caa252645fe79a76b345380c73830fdd49d7fb
SSDEEP: 24576:K4lavt0LkLL9IMixoEgea01PncVq9MmCS7x:dkwkn9IMHea01IaPCS7x
Static task: static1
Behavioral task: behavioral1
Sample: 016acb02675faac1bf0c4cd7b31a8037b4c450dde080208c6763d35516d69af2.exe
Resource: win7-20241010-en
Malware Config
Extracted
xtremerat
psyy.no-ip.org
Targets
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Xtremerat family
Suspicious use of SetThreadContext