xtremerat | 29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

29d7348ec6...76.exe

windows7-x64

29d7348ec6...76.exe

windows10-2004-x64

Sharing

General

Target

29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476
Size

425KB
Sample

221127-1awrdsad42
MD5

3223bb78d08e6c075e74b6fa1b831836
SHA1

10f8ceb2b5accfe76072a44056397fb8a0c302ed
SHA256

29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476
SHA512

40cb49caf92d409f19c3e23491e73ca5264e001c0a6f119189403d0790aabf5022edcd0788e2b4e24d862dc1d4d718c0313a5a2507dbc229ca4b6a655bdeec36
SSDEEP

12288:5BUIZIMw7qs9yxHpl61t+Wh7BzmRxJ9wb:blwID8b+WjGxU

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

Behavioral task

behavioral1

Sample

29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476.exe

Resource

win7-20221111-en

xtremerat persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476.exe

Resource

win10v2004-20220812-en

xtremerat persistence rat spyware

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476
- Size
  
  425KB
- MD5
  
  3223bb78d08e6c075e74b6fa1b831836
- SHA1
  
  10f8ceb2b5accfe76072a44056397fb8a0c302ed
- SHA256
  
  29d7348ec6bbdee69d8be5e33524248b89d487ee9671ff26ced1e8a7ed273476
- SHA512
  
  40cb49caf92d409f19c3e23491e73ca5264e001c0a6f119189403d0790aabf5022edcd0788e2b4e24d862dc1d4d718c0313a5a2507dbc229ca4b6a655bdeec36
- SSDEEP
  
  12288:5BUIZIMw7qs9yxHpl61t+Wh7BzmRxJ9wb:blwID8b+WjGxU
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2025

Terms | Privacy