General

  • Target

    76266bd388681878df444d8877974c2f

  • Size

    62KB

  • Sample

    240126-cyrwcadeck

  • MD5

    76266bd388681878df444d8877974c2f

  • SHA1

    682c676054b5a6c2315494c3050cfc86566c2dfb

  • SHA256

    bb60f45af6beeca242f658f1528405b1bde56162867f8a723972a53e13b5670a

  • SHA512

    03f7da243970cb0967005c1bc2837df5f8e418476ec918d6a248fde6dd3d4e67395d0d9a6a6183915f16e7c98c48234007533e6cffaadd2ce3d53ee27281d536

  • SSDEEP

    1536:C8qDqQMKQFKOt/jbNpPZ6cbe/HWwloNX3n:CqcqKC/ve/HWeE

Malware Config

Extracted

Family

xtremerat

C2

updatsys.sytes.net

Targets

    • Target

      76266bd388681878df444d8877974c2f

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
