General

  • Target

    b6293eb177fb7124f4134c148ad93ed0

  • Size

    27KB

  • Sample

    240306-br1z1agb94

  • MD5

    b6293eb177fb7124f4134c148ad93ed0

  • SHA1

    ebee32ec315eb6025ad7a91f87c010c0b696fde6

  • SHA256

    6e4bf673c17d60811e9b493ded9b6e07d363d1fdc19c94ab2cf2091864130aa1

  • SHA512

    e36e5642b78ddf6f70d7811e5162470f23e6d94376544cedd02e583116feaf408abf11e6ea816f66b0499ec9b1cba1d12d26e3959fc439e1b83666a03082f1f2

  • SSDEEP

    768:eDvUGW+cwg39Sa4ee3nsCmOesTEdbp/8:hGBcDB4z3VnesC1/8

Malware Config

Extracted

Family

xtremerat

C2

hakghost.no-ip.biz

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
