General

  • Target

    a30bf523eeaeae1c236251907aeea78b

  • Size

    65KB

  • Sample

    240225-gk5x9sdb76

  • MD5

    a30bf523eeaeae1c236251907aeea78b

  • SHA1

    23295eeeaccd26b7657ed09a4ec0889477625802

  • SHA256

    b0d512f70b819fdf505fe3dfa94b1a8a56489501dab34c6f16f2fcd3df6e3fe3

  • SHA512

    c63b1052283095f16b4ab10c90ecde2b27187f2b51a6ff970d1186e5d4ab18539c7e47f3162b869286f2fced84c98eb691be41639903a8e7091b9335f308eeb6

  • SSDEEP

    768:i8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiZKPA+7XoN:Qsq+QV4rObAdXWpf/y+7ozNwiMoFnv

Malware Config

Extracted

Family

xtremerat

C2

necobyzt.no-ip.biz

Targets

    • Target

      a30bf523eeaeae1c236251907aeea78b

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
