General

  • Target

    8d9da7aba582a39ca6fc1315b22df05d

  • Size

    282KB

  • Sample

    240203-29gl7acbd7

  • MD5

    8d9da7aba582a39ca6fc1315b22df05d

  • SHA1

    0934fe9b3698e89347cb98041ebea5f170a49679

  • SHA256

    d20d7b710ba8452c06129dccf4fd1830d47cc9b46db7a0b140b2683358ad89c4

  • SHA512

    8976e0dabcd51c2761b922135919bf8dd8112df36044870b46e8a74619c337864c616ae9a7969aecc5e32861be3e88dac48914382db789d363a6211b12ad5780

  • SSDEEP

    768:kWc9quCDQyTZsnw0bCdovh1oMbFoUHS2NfcXaSbjDVgUXYteu:Xc9quCDQTwM9By25WVYl

Malware Config

Extracted

  • Family

    xtremerat

  • C2

    firex2012.no-ip.biz

Targets

    • Target

      8d9da7aba582a39ca6fc1315b22df05d

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
