General

  • Target

    a4328ab2ed9a6a70d4a6ae0de09f20be

  • Size

    40KB

  • Sample

    240225-tgx5gafd25

  • MD5

    a4328ab2ed9a6a70d4a6ae0de09f20be

  • SHA1

    3817e50b7e1033315df41aefdd09174289b80f1d

  • SHA256

    c1ee2879e8c99f8c45f9fcc1fdeedaebc96d84db6ee29ee816fad2177e6e8bb0

  • SHA512

    d5f036823168c081bf4b393254c2b2671c62197b15d6b41536341db2d70e03bbae32c48142ceb7ee041be11654a0f6038f7284335b9bce1a562ca314dbdd18aa

  • SSDEEP

    768:SEoh2hdN12Ozhiow2GkmFjf3/pBzNBwIldCzoc:SvEzMOlw2GkmR3/Blduoc

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
