General

  • Target

    bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39

  • Size

    21KB

  • Sample

    221122-y1f3hsff72

  • MD5

    4b55412a1a5fd0e238578068d41d7012

  • SHA1

    20156b4f5fa96870c7649fb510008f0e7e13fc8e

  • SHA256

    bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39

  • SHA512

    8c3fb507fcdd722509614b89bdbe74f832b5d5c039a0c14cbe1bc98cd1ba0e5b98917b7448fda10c36bdc5789d7c19b7799e560fd861b1a109b22d767e94b439

  • SSDEEP

    384:jIdmF+TH95xJMu/0PlxjV8BINhuLJ37tMOpuqqz3KK7eIVmiW6d6bt/JaRgVpLR:jIsF8HdbKjV8BX7Vy6K7eIVTW6dOtkOp

Malware Config

Targets

    • Target

      bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39

    • Size

      21KB

    • MD5

      4b55412a1a5fd0e238578068d41d7012

    • SHA1

      20156b4f5fa96870c7649fb510008f0e7e13fc8e

    • SHA256

      bdd1eeb61b7a594a1b89b78a950c01735c630824fe062dbbb4842fc080742d39

    • SHA512

      8c3fb507fcdd722509614b89bdbe74f832b5d5c039a0c14cbe1bc98cd1ba0e5b98917b7448fda10c36bdc5789d7c19b7799e560fd861b1a109b22d767e94b439

    • SSDEEP

      384:jIdmF+TH95xJMu/0PlxjV8BINhuLJ37tMOpuqqz3KK7eIVmiW6d6bt/JaRgVpLR:jIsF8HdbKjV8BX7Vy6K7eIVTW6dOtkOp

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • Modifies Installed Components in the registry

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks