xtremerat | 41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95 | Triage

Submit
Reports

Overview

overview

Static

static

41cfa76bcf...95.exe

windows7-x64

41cfa76bcf...95.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95
Size

31KB
Sample

221002-sbev9sdaej
MD5

704490329d083fd4fcbb96a9ae37f9ab
SHA1

bcef003db4369861732e976467e2db124ebbaea6
SHA256

41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95
SHA512

bb8a9717a1ab7a4d0c5f6772d325a24db051db0c9072d6bccfc36604a7f572f37852691c252ba2785e0e3de9331750c9129ecb8727494cac05ad9ed30274429b
SSDEEP

768:wsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jTiGWJcd:ZNW70x6ALBwsd

Score

10^/10

xtremerat persistence rat spyware upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95.exe

Resource

win7-20220812-en

xtremerat persistence rat spyware upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95.exe

Resource

win10v2004-20220812-en

xtremerat persistence rat spyware upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

h3r0.no-ip.org

Targets

- Target
  
  41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95
- Size
  
  31KB
- MD5
  
  704490329d083fd4fcbb96a9ae37f9ab
- SHA1
  
  bcef003db4369861732e976467e2db124ebbaea6
- SHA256
  
  41cfa76bcff3a102ec482ac4e5a30773bc519deb3a8071198bb002ac6f76ab95
- SHA512
  
  bb8a9717a1ab7a4d0c5f6772d325a24db051db0c9072d6bccfc36604a7f572f37852691c252ba2785e0e3de9331750c9129ecb8727494cac05ad9ed30274429b
- SSDEEP
  
  768:wsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jTiGWJcd:ZNW70x6ALBwsd
Score

10^/10

xtremerat persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratpersistenceratspywareupx

behavioral2

xtremeratpersistenceratspywareupx

© 2018-2025

Terms | Privacy