xtremerat | 04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0 | Triage

Submit
Reports

Overview

overview

Static

static

04c73beaf7...d0.exe

windows7-x64

04c73beaf7...d0.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0
Size

385KB
Sample

221202-vxczxagf78
MD5

02935de594be070555c1e80dc9a6df20
SHA1

a790b9f4ec07ae1a9e5e633a0354b179bc5a862d
SHA256

04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0
SHA512

286a92b12f6b0009aafe38888169251892a1cf8ed4f82aa67ee68d5c0691843e2e577481954cdcc3a775c14d93acf3666babbcc3ab90e4938b4b1b42886a1659
SSDEEP

6144:h08ySZ/I3xyqQI2ohrXO16cXPNeNgsqjNPSKx6LFhnXhGzhjbxK/u/TQE4aQ7K9i:YxmGrXOxQRqAzxMLtpyBgc

Score

10^/10

xtremerat persistence rat spyware upx

Static task

static1

Behavioral task

behavioral1

Sample

04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0.exe

Resource

win7-20221111-en

xtremerat persistence rat spyware upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0.exe

Resource

win10v2004-20221111-en

xtremerat persistence rat spyware upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0
- Size
  
  385KB
- MD5
  
  02935de594be070555c1e80dc9a6df20
- SHA1
  
  a790b9f4ec07ae1a9e5e633a0354b179bc5a862d
- SHA256
  
  04c73beaf792c3562e54d7f41064edd51b110553cae15531eb3c211acb0069d0
- SHA512
  
  286a92b12f6b0009aafe38888169251892a1cf8ed4f82aa67ee68d5c0691843e2e577481954cdcc3a775c14d93acf3666babbcc3ab90e4938b4b1b42886a1659
- SSDEEP
  
  6144:h08ySZ/I3xyqQI2ohrXO16cXPNeNgsqjNPSKx6LFhnXhGzhjbxK/u/TQE4aQ7K9i:YxmGrXOxQRqAzxMLtpyBgc
Score

10^/10

xtremerat persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xtremeratpersistenceratspywareupx

behavioral2

xtremeratpersistenceratspywareupx

© 2018-2025

Terms | Privacy