General

  • Target

    b186d8586fcff7554d677c4ed9035dd6

  • Size

    26KB

  • Sample

    240304-h2ps2scf5z

  • MD5

    b186d8586fcff7554d677c4ed9035dd6

  • SHA1

    6d342b9dd97bbe0cc62e46a247540d87c32608c2

  • SHA256

    c4a11f68afd50e9e3f494522c8a14fc8b824224741d73cc576871a192fd41d78

  • SHA512

    586aafc38dcd2da657a27c4ed51426e89a20c85e63f5f0b8d084eda61ef7d66293f4144378b096c397ac54dc2a9c5dc4e7f87d1a403c24f87321fff69c930e02

  • SSDEEP

    384:Spj7eNmfp+UrM8j3Mk8mw2Qwz9cEVWNuOuuOYPq8P9iYwbzuRExgJpIuP414r3:fmfpbM8j8wQwz9caAuxYyuDExEpIuP4
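Added example (not code from the sandbox vendor or from the sample): an offline triage helper that recomputes the digests listed above for a file and reports any that disagree, and that parses the PE section table to look for the UPX0/UPX1 names a "UPX packed file" signature keys on. The build_fake_pe() helper and the section names it uses are constructed test input, not the real 26KB sample; ssdeep is omitted because it is not in the Python standard library.

```python
"""Offline triage: verify reported hashes and check for UPX section names."""
import hashlib
import struct

# Digests as listed in the report above for the 26KB sample.
REPORTED = {
    "md5": "b186d8586fcff7554d677c4ed9035dd6",
    "sha1": "6d342b9dd97bbe0cc62e46a247540d87c32608c2",
    "sha256": "c4a11f68afd50e9e3f494522c8a14fc8b824224741d73cc576871a192fd41d78",
    "sha512": "586aafc38dcd2da657a27c4ed51426e89a20c85e63f5f0b8d084eda61ef7d66293f4144378b096c397ac54dc2a9c5dc4e7f87d1a403c24f87321fff69c930e02",
}


def file_hashes(data: bytes) -> dict:
    """Lowercase hex digests for the algorithms the report lists (ssdeep excluded)."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def hash_mismatches(data: bytes, expected: dict) -> dict:
    """Return {alg: (got, want)} for every algorithm whose digest disagrees.
    An empty dict means the bytes on disk are the sample the report describes."""
    got = file_hashes(data)
    return {alg: (got[alg], want.lower()) for alg, want in expected.items()
            if got.get(alg) != want.lower()}


def pe_section_names(data: bytes) -> list:
    """Parse just enough of a PE image to list its section names.
    Raises ValueError on anything that is not a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    # IMAGE_FILE_HEADER: NumberOfSections at +2, SizeOfOptionalHeader at +16, 20 bytes total.
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    first_section = coff + 20 + opt_size
    names = []
    for i in range(num_sections):
        off = first_section + i * 40          # IMAGE_SECTION_HEADER is 40 bytes
        raw = data[off:off + 8]               # Name is the first 8 bytes
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Cheap heuristic: stock UPX names its sections UPX0/UPX1/UPX2.
    A modified UPX that renames sections evades this; a sandbox signature
    also matches the unpacking stub, which this example does not do."""
    return any(name.startswith("UPX") for name in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """Constructed test input: a header-only PE skeleton with the given
    section names, so the functions above can be exercised offline."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine=i386, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader=0, Characteristics.
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections


if __name__ == "__main__":
    sample = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    print("sections:", pe_section_names(sample))
    print("UPX packed:", looks_upx_packed(sample))
    print("mismatches vs report:", sorted(hash_mismatches(sample, REPORTED)))
```

To check a real file, read it in binary mode and pass the bytes to hash_mismatches(data, REPORTED) before spending any time on it: a non-empty result means the file is not the sample this report describes.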

Targets

    • Target

      b186d8586fcff7554d677c4ed9035dd6

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • Modifies Installed Components in the registry

      Writes under the Active Setup key (HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components), whose StubPath commands run once per user at logon; a common persistence technique.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application

      Writes an autostart value under a ...\Microsoft\Windows\CurrentVersion\Run key so the program is launched at logon.
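Added example, not the sandbox's own signature logic: both persistence signatures above (a Run key entry and an Active Setup "Installed Components" entry) can be hunted for offline in a .reg export taken from a suspect host. The parser below reads REG_SZ values from the export, picks out Run/RunOnce values and Active Setup StubPath values, and flags those whose executable lives outside the Windows and Program Files directories. SAMPLE_REG, the GUIDs, the value names and the paths in it are constructed test data and are not taken from this sample's report.

```python
"""Hunt Run-key and Active Setup persistence in a .reg export."""
import re

TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.I)
ACTIVE_SETUP_RE = re.compile(r"\\Active Setup\\Installed Components\\", re.I)
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')   # "name"=<data>

# Constructed .reg export (not from the real sample): one benign and one
# suspicious entry for each mechanism.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\victim\\AppData\\Roaming\\Updater\\updater.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0a1b2c3d-0000-4000-8000-000000000001}]
"StubPath"="C:\\Users\\victim\\AppData\\Roaming\\Updater\\updater.exe restart"
"Version"="1,0,0,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0a1b2c3d-0000-4000-8000-000000000002}]
"StubPath"="C:\\Windows\\System32\\regsvr32.exe /s /n /i:U shell32.dll"
"""


def parse_reg_export(text):
    """Yield (key, value_name, string_value) for every REG_SZ value in a
    .reg file. Non-string data (dword:, hex:) is skipped; \\ and \" escapes
    inside string data are resolved."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if not (key and m):
            continue
        name, raw = m.group(1), m.group(2)
        if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
            yield key, name, re.sub(r"\\(.)", r"\1", raw[1:-1])


def executable_path(command):
    """Pull the executable out of a command line: a quoted path, or an
    unquoted path extended through spaces up to the first .exe."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r"(.*?\.exe)(\s|$)", command, re.I)
    if m:
        return m.group(1)
    return command.split()[0] if command else ""


def suspicious_persistence(reg_text):
    """Findings for autostart entries whose executable is outside the
    trusted system and program directories (e.g. under a user's AppData)."""
    findings = []
    for key, name, value in parse_reg_export(reg_text):
        if RUN_KEY_RE.search(key):
            mechanism = "Run key"
        elif ACTIVE_SETUP_RE.search(key) and name.lower() == "stubpath":
            mechanism = "Active Setup StubPath"
        else:
            continue
        exe = executable_path(value)
        if not exe.lower().startswith(TRUSTED_DIRS):
            findings.append({"mechanism": mechanism, "key": key, "name": name, "exe": exe})
    return findings


if __name__ == "__main__":
    for hit in suspicious_persistence(SAMPLE_REG):
        print(f"{hit['mechanism']}: {hit['key']} [{hit['name']}] -> {hit['exe']}")
```

The trusted-directory allowlist is deliberately crude: anything a signed installer dropped under Program Files passes, while a user-writable location such as AppData\Roaming is flagged for review. On a live host the same keys can be exported with reg export before running the script.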

MITRE ATT&CK Enterprise v15