General

  • Target

    5ca9ebaede2011997ec12e0f4fcbb54c8219e83be7577887e0d732875aed9f45

  • Size

    41KB

  • Sample

    221123-3hcplace32

  • MD5

    50ccda24affc0046ab9030d0cbbbcc6a

  • SHA1

    54bae67c96df4461e9c542c490e8256018c56c30

  • SHA256

    5ca9ebaede2011997ec12e0f4fcbb54c8219e83be7577887e0d732875aed9f45

  • SHA512

    e503891b3c18ad6eb34b4e21c7ccbac12d4ba695492d494ed0317b61ed4fc28c6cbb17f91fb53c3660af4aa3d5b06e9c1f0bd04ae79a1c5fed9d62ff12db0919

  • SSDEEP

    768:BMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lTgB5EqqOIij+SmiZwUXd:qNW71rcYDAWeotvXlTgB5Edij+SmSlN

Malware Config

Extracted

Family

xtremerat

C2

max123max.no-ip.org

Targets

    • Target

      5ca9ebaede2011997ec12e0f4fcbb54c8219e83be7577887e0d732875aed9f45

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
