xtremerat | 0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a | Triage

Submit
Reports

Overview

overview

Static

static

0992fc28c7...8a.exe

windows7-x64

0992fc28c7...8a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a
Size

633KB
Sample

221029-3laz6sbhb2
MD5

83d092a8ea4b1d1af5ac3311bc5d4150
SHA1

6f291cc5470469f0fbcd8c746434604fa224c364
SHA256

0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a
SHA512

b94656a53adf056faad25aab2c0ed8561c1f7b7a7b3074564347831a6b83787cd430514546b6d42ac7508d3091d565d81f842d4c430532040ad0d54e8041dd70
SSDEEP

12288:hDneRv9s2yWdzenpUmCZwXfrpe7IXPNltV77AEIKmokniaGpHlkB:9a9ByWUnpUaXIkfNWTKknQpa

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

Behavioral task

behavioral1

Sample

0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a.exe

Resource

win7-20220812-en

xtremerat persistence rat spyware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a.exe

Resource

win10v2004-20220901-en

xtremerat persistence rat spyware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a
- Size
  
  633KB
- MD5
  
  83d092a8ea4b1d1af5ac3311bc5d4150
- SHA1
  
  6f291cc5470469f0fbcd8c746434604fa224c364
- SHA256
  
  0992fc28c7c6d413a0501a339b5dc71a8d2bed2cb6c698d2a41a651c94409a8a
- SHA512
  
  b94656a53adf056faad25aab2c0ed8561c1f7b7a7b3074564347831a6b83787cd430514546b6d42ac7508d3091d565d81f842d4c430532040ad0d54e8041dd70
- SSDEEP
  
  12288:hDneRv9s2yWdzenpUmCZwXfrpe7IXPNltV77AEIKmokniaGpHlkB:9a9ByWUnpUaXIkfNWTKknQpa
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2025

Terms | Privacy