General

  • Target

    76ab6cf71800a8934cb4d3bb96ec47a5

  • Size

    85KB

  • Sample

    240126-hkeazshebq

  • MD5

    76ab6cf71800a8934cb4d3bb96ec47a5

  • SHA1

    2f33e7f5391666710a60987c41315a1e64ec20dc

  • SHA256

    b234b98d053b8f4a7b8d93884edf47862f07b4dd6bf96d747657936c2f0a5878

  • SHA512

    0c0af2a866f0c72e6e8f64c2949b61cc743856c6d11578cf2a2b025175e27ade9ffff785d0e292598fb6ad584273286bccdd03bf2eff72b57d54366611a9dc29

  • SSDEEP

    768:28m1Sq4NQErBsH1lzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiZKPA+7Xoh:Esq+QVYrObAdXWpf/y+7ozNwiGfEftog

Malware Config

  • Extracted family

    xtremerat

  • C2

    esam2at.no-ip.biz

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

MITRE ATT&CK Enterprise v15

Tasks