General

  • Target

    e51503529d3140a716bded0724ce4e2f5a2c5de4bfa5aa7917c17d1eab265f0e

  • Size

    45KB

  • Sample

    221124-d3ra2shf4t

  • MD5

    6bfed69ae60ad8b6938fd16077a2cea0

  • SHA1

    99b23c6622979a135c31b7c33bfe37be17671028

  • SHA256

    e51503529d3140a716bded0724ce4e2f5a2c5de4bfa5aa7917c17d1eab265f0e

  • SHA512

    f9e1cd784711d991d0260e42f588c92b676cfa292e62ff5571f555e5ea96021b0f8a67b6fc72c9e5226e5c96d8516e2e9e01b9df8c864481d7bfcc580d12a68a

  • SSDEEP

    768:fBr+tjFY90iY6W1jwmzKgEFQX6klMIAnAbhwfOgw0cUzova:pyRh31jpPEFQX6k+Ab4bJova

Malware Config

Targets

    • Target

      e51503529d3140a716bded0724ce4e2f5a2c5de4bfa5aa7917c17d1eab265f0e

    • Size

      45KB

    • MD5

      6bfed69ae60ad8b6938fd16077a2cea0

    • SHA1

      99b23c6622979a135c31b7c33bfe37be17671028

    • SHA256

      e51503529d3140a716bded0724ce4e2f5a2c5de4bfa5aa7917c17d1eab265f0e

    • SHA512

      f9e1cd784711d991d0260e42f588c92b676cfa292e62ff5571f555e5ea96021b0f8a67b6fc72c9e5226e5c96d8516e2e9e01b9df8c864481d7bfcc580d12a68a

    • SSDEEP

      768:fBr+tjFY90iY6W1jwmzKgEFQX6klMIAnAbhwfOgw0cUzova:pyRh31jpPEFQX6k+Ab4bJova

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • Modifies Installed Components in the registry

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks