General

  • Target

    a44f6f94ed799c96cdaf9823544e8e22

  • Size

    170KB

  • Sample

    240225-vg4gxsge26

  • MD5

    a44f6f94ed799c96cdaf9823544e8e22

  • SHA1

    0d7581aff024005db97bd1e147183533b2293f22

  • SHA256

    3b85b766b462af7c6bc36e403e4d6295679b82113c6ab89486e0a9e6759b9b34

  • SHA512

    48a17dc3c339026724dfea6d3fad8695403e09cf118d6c9d6c8d78c17958026cb234789e626267869654b05eaebdefb3d23a8acd79263cf9100a9bc02d343201

  • SSDEEP

    3072:TaQXf/oXBcT7JkjkstZ1uy/Z17mko9CcsI8uWKhUOPSMe:Tadxcx8J5uybal9CcsxuUOPY

Malware Config

Extracted

Family

xtremerat

C2

esam2at.no-ip.biz

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
