General

  • Target

    029d475847136bfe124b34f18f6e0d3ec7b6f5a73aefd7d75a6db059b884fb67

  • Size

    81KB

  • Sample

    221123-3hmjssce46

  • MD5

    4c78be480ab833d05466a59d1c310b00

  • SHA1

    40591c7a7d8a301f6e37fa59de6ef7a20541d522

  • SHA256

    029d475847136bfe124b34f18f6e0d3ec7b6f5a73aefd7d75a6db059b884fb67

  • SHA512

    73ba13cf03c9ad1cc2f002bd363f3fe309ce97af28e14c00058db29092d8ce29cef3d5f7cc132720966614017fc0b5a6631c01fe9414cf33dbe611a030387d83

  • SSDEEP

    1536:xk8qDqQdUgMK3tGjbNwPZ6d4eXHWzl5NX3RfEfwG:CqLXKdcgeXHWZ1cf

Malware Config

Extracted

Family

xtremerat

C2

esam2at.no-ip.biz

Targets

    • Target

      029d475847136bfe124b34f18f6e0d3ec7b6f5a73aefd7d75a6db059b884fb67

    • Size

      81KB

    • MD5

      4c78be480ab833d05466a59d1c310b00

    • SHA1

      40591c7a7d8a301f6e37fa59de6ef7a20541d522

    • SHA256

      029d475847136bfe124b34f18f6e0d3ec7b6f5a73aefd7d75a6db059b884fb67

    • SHA512

      73ba13cf03c9ad1cc2f002bd363f3fe309ce97af28e14c00058db29092d8ce29cef3d5f7cc132720966614017fc0b5a6631c01fe9414cf33dbe611a030387d83

    • SSDEEP

      1536:xk8qDqQdUgMK3tGjbNwPZ6d4eXHWzl5NX3RfEfwG:CqLXKdcgeXHWZ1cf

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
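
The indicators this report exposes are the four file digests, the SSDEEP hash and the extracted C2 hostname esam2at.no-ip.biz. Below is an added example of how an analyst would turn them into two concrete checks: confirming that a file on disk is the same sample (all four digests must agree; MD5 and SHA1 are listed for correlation with other sources, not as integrity guarantees) and hunting for the C2 hostname in DNS query logs. This is illustration code written for this page, not code from the sandbox or from XtremeRAT; the log lines are constructed, the sample itself is not included, and the `check_file` helper name is an assumption. The hostname match is deliberately exact rather than zone-wide, because no-ip.biz is a public dynamic-DNS provider and matching the whole zone would flag unrelated hosts.

```python
import hashlib
import re

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "4c78be480ab833d05466a59d1c310b00",
    "sha1": "40591c7a7d8a301f6e37fa59de6ef7a20541d522",
    "sha256": "029d475847136bfe124b34f18f6e0d3ec7b6f5a73aefd7d75a6db059b884fb67",
    "sha512": "73ba13cf03c9ad1cc2f002bd363f3fe309ce97af28e14c00058db29092d8ce29"
              "cef3d5f7cc132720966614017fc0b5a6631c01fe9414cf33dbe611a030387d83",
}
C2_HOST = "esam2at.no-ip.biz"


def hash_bytes(data: bytes) -> dict:
    """Compute the four digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Compare every digest against the report; returns {algo: bool}.
    A partial match means a different file or a transcription error,
    so treat anything other than four True values as 'not this sample'."""
    actual = hash_bytes(data)
    return {algo: actual[algo] == expected[algo].lower() for algo in expected}


def check_file(path: str) -> bool:
    """Hypothetical helper: True only if the file matches all four digests."""
    with open(path, "rb") as fh:
        return all(matches_report(fh.read()).values())


# Exact C2 hostname, case-insensitive, optional trailing dot (FQDN form).
# Does not match sub- or super-strings such as notesam2at.no-ip.biz,
# esam2at.no-ip.bizarre or other no-ip.biz hostnames.
_HOST_RE = re.compile(
    r"(?<![\w.-])" + re.escape(C2_HOST) + r"\.?(?![\w.-])", re.IGNORECASE
)


def find_c2_hits(log_lines) -> list:
    """Return (line_number, line) for every log line naming the C2 host."""
    return [(n, line) for n, line in enumerate(log_lines, 1) if _HOST_RE.search(line)]


# Constructed BIND-style query log lines for demonstration (not from the report).
SAMPLE_DNS_LOG = [
    "client 10.0.0.23#51234: query: esam2at.no-ip.biz IN A + (10.0.0.1)",
    "client 10.0.0.41#50001: query: www.example.com IN A + (10.0.0.1)",
    "client 10.0.0.23#51290: query: ESAM2AT.NO-IP.BIZ. IN A + (10.0.0.1)",
    "client 10.0.0.57#52000: query: otherhost.no-ip.biz IN A + (10.0.0.1)",
]

if __name__ == "__main__":
    for n, line in find_c2_hits(SAMPLE_DNS_LOG):
        print(f"C2 lookup on log line {n}: {line}")
    # Without the real sample, an arbitrary byte string must not match.
    print("empty input matches report:", matches_report(b""))
```

Running the block flags lines 1 and 3 of the constructed log (the second via case folding and the trailing dot) and leaves the unrelated no-ip.biz hostname on line 4 alone; a real hunt would feed it the DNS resolver or proxy logs for the period of interest and follow any hit back to the querying client.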

MITRE ATT&CK Enterprise v6

Tasks