General

  • Target

    be3d847a4f2c3751f5639b1ee0f73ca309181d41eea1cbfe6eb8a6a663c9310b

  • Size

    81KB

  • Sample

    221123-3hlbqsce44

  • MD5

    506018d9550c8c631b3d52e7d4d4ffb1

  • SHA1

    5844f06a64c700c360b1a6387f43daa90bd3e2b9

  • SHA256

    be3d847a4f2c3751f5639b1ee0f73ca309181d41eea1cbfe6eb8a6a663c9310b

  • SHA512

    5d4c90400b5504011a4299bd086a472699b4f979c16cee885214163ba0dd04b7076d4df2827d71b6965e09bdccb4d32a4d17e14bffb79918eb5a3684e6a3c592

  • SSDEEP

    1536:xT8qDqQdUgMK3tGjbNwPZ6dIeXHWzl5NX3RfEfwG:1qLXKdcQeXHWZ1cf

Malware Config

Extracted

  • Family

    xtremerat

  • C2

    esam2at.no-ip.biz

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

MITRE ATT&CK Enterprise v6

Tasks