xtremerat | f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f | Triage

Submit
Reports

Overview

overview

Static

static

f8f9c55ee7...1f.exe

windows7-x64

f8f9c55ee7...1f.exe

windows10-2004-x64

Sharing

General

Target

f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f
Size

33KB
Sample

221003-s9baqsded2
MD5

625cc6fea5c3c19b5e2b33822453e145
SHA1

3b509800f6a586a24b0a86f709d6fa07792b87d0
SHA256

f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f
SHA512

4db37dbc5a399e7f97438297b007c37ae969f964d3f7810feec00a2420e5aa5a420ed9f70ee059bdea324320219aba371e929c7ad8391f9239a98c7c1fa7601e
SSDEEP

768:EMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lwtzxtFNeIA:tNW71rcYDAWeotvXlWnFUI

Score

10^/10

xtremerat persistence rat spyware upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f.exe

Resource

win7-20220901-en

xtremerat persistence rat spyware upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f.exe

Resource

win10v2004-20220812-en

xtremerat persistence rat spyware upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

bbforlife.no-ip.org

Targets

- Target
  
  f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f
- Size
  
  33KB
- MD5
  
  625cc6fea5c3c19b5e2b33822453e145
- SHA1
  
  3b509800f6a586a24b0a86f709d6fa07792b87d0
- SHA256
  
  f8f9c55ee736e58be5eaddb2a6e65a9a45e9249e6a0b1ec90aec13023572591f
- SHA512
  
  4db37dbc5a399e7f97438297b007c37ae969f964d3f7810feec00a2420e5aa5a420ed9f70ee059bdea324320219aba371e929c7ad8391f9239a98c7c1fa7601e
- SSDEEP
  
  768:EMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lwtzxtFNeIA:tNW71rcYDAWeotvXlWnFUI
Score

10^/10

xtremerat persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratpersistenceratspywareupx

behavioral2

xtremeratpersistenceratspywareupx

© 2018-2024

Terms | Privacy