General

  • Target

    a4cb37757bffbf147b14c17f8939bc2c

  • Size

    33KB

  • Sample

    240225-2sbplsfb8v

  • MD5

    a4cb37757bffbf147b14c17f8939bc2c

  • SHA1

    6507f64428f1f3c1477c9abaed3570536da034c9

  • SHA256

    ea0482f3a349970b30e289698b063dcbc120c739b29d17425c4a6ebb6df924c8

  • SHA512

    8f321388d916b6a8ce746f3cb132fc0443d4b85395bfb43afbbcd82fd4a833d57a6b6a422c4907451ab47d21ed82079e7c2ca6aeb2d051b20f0817d8a8535a91

  • SSDEEP

    768:zMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgRMdd5ri4ZaispD:INW71rcYDAWeoDrsEud5rz

Malware Config

Extracted

Family

xtremerat

C2

z2a.no-ip.info

Targets

    • Target

      a4cb37757bffbf147b14c17f8939bc2c

    • Size

      33KB

    • MD5

      a4cb37757bffbf147b14c17f8939bc2c

    • SHA1

      6507f64428f1f3c1477c9abaed3570536da034c9

    • SHA256

      ea0482f3a349970b30e289698b063dcbc120c739b29d17425c4a6ebb6df924c8

    • SHA512

      8f321388d916b6a8ce746f3cb132fc0443d4b85395bfb43afbbcd82fd4a833d57a6b6a422c4907451ab47d21ed82079e7c2ca6aeb2d051b20f0817d8a8535a91

    • SSDEEP

      768:zMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgRMdd5ri4ZaispD:INW71rcYDAWeoDrsEud5rz

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks