xtremerat | 0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092 | Triage

Submit
Reports

Overview

overview

Static

static

0337777df9...92.exe

windows7-x64

0337777df9...92.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092
Size

452KB
Sample

221030-qxwpssdfgr
MD5

93c97ad9849b96517b157c6634ac0c70
SHA1

7a36c2739593ceb3b5f04fc91e3cf3497465364d
SHA256

0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092
SHA512

cccb3f1eb1789c5f93420eb06042c4ecd03708701c65b379854400e5ab401c2117e593ee95a3bfb335d81691ae0e32a7d12b5fecb16f2ee1e78894ec81e8cfaa
SSDEEP

6144:ebL0yiwta1lGuw8ylN3pPRELbgr5/iJd5hAy0nGE/xcEm/XfkbLmgRgrPd3iq:eP0yiwt7uvsTEIr5/0B/0nGEK/fr3i

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

Behavioral task

behavioral1

Sample

0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092.exe

Resource

win7-20220901-en

xtremerat persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092.exe

Resource

win10v2004-20220812-en

xtremerat persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092
- Size
  
  452KB
- MD5
  
  93c97ad9849b96517b157c6634ac0c70
- SHA1
  
  7a36c2739593ceb3b5f04fc91e3cf3497465364d
- SHA256
  
  0337777df94ae1fcb5a4fe325f1c83da026eb5985dae8fec90230ccd3f56c092
- SHA512
  
  cccb3f1eb1789c5f93420eb06042c4ecd03708701c65b379854400e5ab401c2117e593ee95a3bfb335d81691ae0e32a7d12b5fecb16f2ee1e78894ec81e8cfaa
- SSDEEP
  
  6144:ebL0yiwta1lGuw8ylN3pPRELbgr5/iJd5hAy0nGE/xcEm/XfkbLmgRgrPd3iq:eP0yiwt7uvsTEIr5/0B/0nGEK/fr3i
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2025

Terms | Privacy