Detect XtremeRAT Payload

XtremeRAT

The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

njRAT/Bladabindi

Widely used RAT written in .NET.

Executes dropped EXE

Modifies Installed Components in the registry

Modifies Windows Firewall

UPX packed file

Detects executables packed with UPX/modified UPX open source packer.