General

  • Target

    d9797fbfe1cc28ed2531f2a82dea22a421dccf8b0f99334e93b5b5e88acc1fcd

  • Size

    85KB

  • Sample

    221122-y1dbmabb2z

  • MD5

    12252e2482a38ebb325cb848269de598

  • SHA1

    b449cf6cb7808ee36db02bffa2b96fdcb44b19c6

  • SHA256

    d9797fbfe1cc28ed2531f2a82dea22a421dccf8b0f99334e93b5b5e88acc1fcd

  • SHA512

    9355ca2725c8523bdeca37e75770020c1b8e6c6f5ad73601cd1a30ee432b7aec200f8e58d73b389fc93c4ceed51e5504ecbcf3233fa86e982fa9f228677821ce

  • SSDEEP

    1536:Gsq+QV4rObAdXWpf/y+7ozNwiE5u/5uko1p:H44rj/WodE5u/5ukof

Malware Config

Extracted

Family

xtremerat

C2

seids.no-ip.org

Targets

    • Target

      d9797fbfe1cc28ed2531f2a82dea22a421dccf8b0f99334e93b5b5e88acc1fcd

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
