General

  • Target

    f938386eaec0a83c7ca2831d9d35c8ca8b6016ba08e4d940f526751ae8c53d60

  • Size

    65KB

  • Sample

    221123-3hjg5sce38

  • MD5

    2b18dafbacbef77d4102b320e83d3fb2

  • SHA1

    9dc2c865b656caf8f4d13c2d14c1c18a70ca123f

  • SHA256

    f938386eaec0a83c7ca2831d9d35c8ca8b6016ba08e4d940f526751ae8c53d60

  • SHA512

    dca51a27abbbb49f233768d181e57e0696201f3398d768e13124c9f5a44e203ab0c0f1fe9e2e7335dc099a8e108e075c405f8269429a8d129990f23cd97bd096

  • SSDEEP

    768:J9m1Sq4NQkrBsH1U8z05DeeQuMVTyN8ipHo37Vmd6AeXVtWAJ7A+7voNwzQSI:2sq+Q1aZQuIyJp0mgA+FJ0LNwW

Malware Config

Extracted

  • Family

    xtremerat

  • C2

    amhi.no-ip.info

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

MITRE ATT&CK Enterprise v6

Tasks