General

  • Target

    b34748f8f7c308cfafc6076b9bcbffb3aaa3ae5b02893c03ad2bc7c4256317d7

  • Size

    179KB

  • Sample

    221123-3g99gace24

  • MD5

    003fb58c5d39963300020ff8728e3de0

  • SHA1

    a78663d3f384225d2cf5b9b7b1287141ff915d93

  • SHA256

    b34748f8f7c308cfafc6076b9bcbffb3aaa3ae5b02893c03ad2bc7c4256317d7

  • SHA512

    40fba3dac4456de88103c9257ac60e70a1c43a8bb6b3679fb2bfefbb386c1b774a33564e3295746c06066bf38261a61d62160d01df98988330acc29353d3f8f1

  • SSDEEP

    3072:144rj/WodGcTo2y/Z17mko9C+mRY9AGFZC8LCmoQ:aKdxlybal9C7RY9AGrkmv

Malware Config

Extracted

Family

xtremerat

C2

esam2at.no-ip.biz

Targets

    • Target

      b34748f8f7c308cfafc6076b9bcbffb3aaa3ae5b02893c03ad2bc7c4256317d7

    • Size

      179KB

    • MD5

      003fb58c5d39963300020ff8728e3de0

    • SHA1

      a78663d3f384225d2cf5b9b7b1287141ff915d93

    • SHA256

      b34748f8f7c308cfafc6076b9bcbffb3aaa3ae5b02893c03ad2bc7c4256317d7

    • SHA512

      40fba3dac4456de88103c9257ac60e70a1c43a8bb6b3679fb2bfefbb386c1b774a33564e3295746c06066bf38261a61d62160d01df98988330acc29353d3f8f1

    • SSDEEP

      3072:144rj/WodGcTo2y/Z17mko9C+mRY9AGFZC8LCmoQ:aKdxlybal9C7RY9AGrkmv

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
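The extracted config (family xtremerat, C2 esam2at.no-ip.biz) and the file hashes above are the indicators a responder actually consumes from this report. The following is an added example, not part of the report and not sandbox tooling: it verifies a file against the four listed hashes and flags DNS queries for the C2 name over log lines. The hash values and C2 domain are copied from the report; the file bytes and the dnsmasq-style log lines are constructed for the demonstration and are not from the real sample.

```python
"""IOC checks for the sandbox report above (added example, not the report's
or any vendor's code).  Hashes and the C2 domain come from the report; the
sample bytes and DNS log lines below are constructed for the demonstration."""
import hashlib
import re

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "003fb58c5d39963300020ff8728e3de0",
    "sha1": "a78663d3f384225d2cf5b9b7b1287141ff915d93",
    "sha256": "b34748f8f7c308cfafc6076b9bcbffb3aaa3ae5b02893c03ad2bc7c4256317d7",
    "sha512": "40fba3dac4456de88103c9257ac60e70a1c43a8bb6b3679fb2bfefbb386c1b77"
              "4a33564e3295746c06066bf38261a61d62160d01df98988330acc29353d3f8f1",
}
C2_DOMAIN = "esam2at.no-ip.biz"


def check_hashes(data: bytes) -> dict:
    """Compute the four hashes the report lists and compare each with the
    report value.  Returns {algorithm: matched?}.  All four are compared so
    that an MD5-only match (a weak, collidable hash) stands out from a full
    match on every algorithm."""
    result = {}
    for algo, expected in REPORT_HASHES.items():
        result[algo] = hashlib.new(algo, data).hexdigest() == expected
    return result


def matches_report(data: bytes) -> bool:
    """True only when every listed hash matches the given bytes."""
    return all(check_hashes(data).values())


# Constructed dnsmasq-style query log (invented lines, not real traffic).
SAMPLE_DNS_LOG = """\
Nov 23 10:01:02 dnsmasq[812]: query[A] update.microsoft.com from 10.0.0.15
Nov 23 10:01:07 dnsmasq[812]: query[A] esam2at.no-ip.biz from 10.0.0.23
Nov 23 10:01:09 dnsmasq[812]: query[A] www.esam2at.no-ip.biz from 10.0.0.23
Nov 23 10:01:12 dnsmasq[812]: query[A] esam2at.no-ip.biz.example.com from 10.0.0.40
Nov 23 10:02:30 dnsmasq[812]: query[A] other.no-ip.biz from 10.0.0.51
"""

QUERY_RE = re.compile(r"query\[(?P<qtype>[A-Z]+)\] (?P<name>\S+) from (?P<src>\S+)")


def c2_lookups(log_text: str, c2: str = C2_DOMAIN) -> list:
    """Return (source_ip, queried_name) for every query that resolves the C2
    name or a subdomain of it.  Matching is on DNS label boundaries, so a
    lookalike such as 'esam2at.no-ip.biz.example.com' is not flagged, and
    the unrelated dynamic-DNS host 'other.no-ip.biz' is not flagged either."""
    c2 = c2.lower().rstrip(".")
    hits = []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue
        name = m.group("name").lower().rstrip(".")
        if name == c2 or name.endswith("." + c2):
            hits.append((m.group("src"), name))
    return hits


if __name__ == "__main__":
    # Constructed bytes, deliberately not the real sample: no hash matches.
    print(check_hashes(b"constructed stand-in, not the 179KB sample"))
    for src, name in c2_lookups(SAMPLE_DNS_LOG):
        print(f"C2 lookup from {src}: {name}")
```

The C2 is a no-ip.biz dynamic-DNS name, so any IP it resolved to during the sandbox run is not a durable indicator; match on the domain name as above rather than on an address. The SSDEEP value in the report is not recomputed here because it needs the third-party ssdeep library; the four hashlib algorithms cover the exact-match case.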

MITRE ATT&CK Enterprise v6

Tasks