Resubmissions

11-08-2022 15:41

220811-s48ztahaem 10

01-08-2022 04:16

220801-ev5n5sadfn 10

General

  • Target

    5d1e4488ddc323c81d72cb6e4211fb70fcba5e4f5c28a9cbc7b6ca8e0dc3a63d

  • Size

    65KB

  • Sample

    220811-s48ztahaem

  • MD5

    204b6bf2f9dcabca806c10728b45e701

  • SHA1

    148fee75363c0a37912ac4d223087a66dd6fcda1

  • SHA256

    5d1e4488ddc323c81d72cb6e4211fb70fcba5e4f5c28a9cbc7b6ca8e0dc3a63d

  • SHA512

    049db1a2ce2d47a8ca64cd3d644b0ae11cd51566db6fe928acc360e618fc91d537de408584a9eddb41a467a28f2c9cdde9c64071b0b5b75379e4669329631388

Malware Config

Extracted

Family

xtremerat

C2

darkcommet.no-ip.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery (T1082): 1