xtremerat | 02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

02815d7853...c7.exe

windows7-x64

02815d7853...c7.exe

windows10-2004-x64

Sharing

General

Target

02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7
Size

301KB
Sample

221107-ytb5zsfdg8
MD5

0583d585ce50f44dd74afc429ee15f52
SHA1

accf6722eaaeac2f09b2376146f632587af600aa
SHA256

02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7
SHA512

80d5c59a8ff4b902513046cd80d4814e4900f95f407f8ad2ef847a505ee4f46a7799d16ccde8f602e997d5c2dfee6e5aac0b0125766634a6a93424d384c8f830
SSDEEP

768:/8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29IfncF/yyR+P2ujfj8C5zoYyrCr:nsq+QV4rObAdXWpfkybvowSlVox

Score

10^/10

xtremerat persistence rat spyware upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7.exe

Resource

win7-20220901-en

xtremerat persistence rat spyware upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7.exe

Resource

win10v2004-20220812-en

xtremerat persistence rat spyware upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

adel1.no-ip.biz

Targets

- Target
  
  02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7
- Size
  
  301KB
- MD5
  
  0583d585ce50f44dd74afc429ee15f52
- SHA1
  
  accf6722eaaeac2f09b2376146f632587af600aa
- SHA256
  
  02815d7853672aed17ff65444f622b87a187179ce78fa1a8a97adb75752bb0c7
- SHA512
  
  80d5c59a8ff4b902513046cd80d4814e4900f95f407f8ad2ef847a505ee4f46a7799d16ccde8f602e997d5c2dfee6e5aac0b0125766634a6a93424d384c8f830
- SSDEEP
  
  768:/8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29IfncF/yyR+P2ujfj8C5zoYyrCr:nsq+QV4rObAdXWpfkybvowSlVox
Score

10^/10

xtremerat persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratpersistenceratspywareupx

behavioral2

xtremeratpersistenceratspywareupx

© 2018-2025

Terms | Privacy