General

  • Target

    90844ef2c6d36deeee5a5e041e001278

  • Size

    26KB

  • Sample

    240205-aebznsebf3

  • MD5

    90844ef2c6d36deeee5a5e041e001278

  • SHA1

    5ce2573f839e7ce7dd21629c3ba553d5f466c7ea

  • SHA256

    3ab164f3368093e4dfc1d8d03a94e7df887e7c6b801218f92ae73ee5bfecc0e4

  • SHA512

    41b8896109be7a4b1e7296eadcf3117338a8d32b88f26bdb9fc52b15b282a2973868bfacc26c86a3245d10c9f7b27b256e42434d0b9cd329f6450d0b504b7625

  • SSDEEP

    768:uyxsv4Mb+dRdSxEHj1WDFK/UlBf1JJ//d8MEU:uZvEEEHZklBf1Jt/7E

Malware Config

Extracted

Family

xtremerat

C2

koko582008.zapto.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
