General

  • Target

    2f872ca12953a23ad6fca31157fe685f743a49e7458d6e1276efc252855779d5

  • Size

    33KB

  • Sample

    221122-y1evfsff68

  • MD5

    dcaec9886de3f6fcc75f02e6b80f2113

  • SHA1

    b77f7988f820cf8f954e80a342246fe6efc06433

  • SHA256

    2f872ca12953a23ad6fca31157fe685f743a49e7458d6e1276efc252855779d5

  • SHA512

    7ef95276261983cda57756fd48d97cbe819d9b26c0fb420fe48caa2b4fe210b67259751c2f7ea843f7184027fe5c42fe1b8b47e539beabfda064793648026604

  • SSDEEP

    768:hMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lPtPK5N:KNW71rcYDAWeotvXlVO

Malware Config

  • Extracted

    Family

    xtremerat

    C2

    jozefmim-DZ.zapto.org

Targets

    • Target

      2f872ca12953a23ad6fca31157fe685f743a49e7458d6e1276efc252855779d5

    • Size

      33KB

    • MD5

      dcaec9886de3f6fcc75f02e6b80f2113

    • SHA1

      b77f7988f820cf8f954e80a342246fe6efc06433

    • SHA256

      2f872ca12953a23ad6fca31157fe685f743a49e7458d6e1276efc252855779d5

    • SHA512

      7ef95276261983cda57756fd48d97cbe819d9b26c0fb420fe48caa2b4fe210b67259751c2f7ea843f7184027fe5c42fe1b8b47e539beabfda064793648026604

    • SSDEEP

      768:hMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lPtPK5N:KNW71rcYDAWeotvXlVO

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v6

Tasks