xtremerat | a098bb1baa5083b3f0d9400aab0ab5ceb7c761ae88032d1bb0f533b63fe43e2f | Triage

Submit
Reports

Overview

overview

Static

static

c495953180...c8.exe

windows7-x64

c495953180...c8.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c495953180f7fc6443f0f39f929a1bc8
Size

33KB
Sample

240313-bjkytagc4w
MD5

c495953180f7fc6443f0f39f929a1bc8
SHA1

a51b78b7525ae5fe3e2481a817f9643c02b7a4f7
SHA256

a098bb1baa5083b3f0d9400aab0ab5ceb7c761ae88032d1bb0f533b63fe43e2f
SHA512

bb41d29df4002ce0ae3eec895a9da0687843c1948e094b7fbc4ec943ad0126582d2b156f379d55eae24fd4572ab07fcfba638319cf265da515329dc3145c84be
SSDEEP

768:pMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lRiJ3j2RK/cu:iNW71rcYDAWeotvXl8p2cc

Score

10^/10

xtremerat persistence rat spyware upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

c495953180f7fc6443f0f39f929a1bc8.exe

Resource

win7-20240221-en

xtremerat persistence rat spyware upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

c495953180f7fc6443f0f39f929a1bc8.exe

Resource

win10v2004-20240226-en

xtremerat persistence rat spyware upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

degarrada.no-ip.org

Targets

- Target
  
  c495953180f7fc6443f0f39f929a1bc8
- Size
  
  33KB
- MD5
  
  c495953180f7fc6443f0f39f929a1bc8
- SHA1
  
  a51b78b7525ae5fe3e2481a817f9643c02b7a4f7
- SHA256
  
  a098bb1baa5083b3f0d9400aab0ab5ceb7c761ae88032d1bb0f533b63fe43e2f
- SHA512
  
  bb41d29df4002ce0ae3eec895a9da0687843c1948e094b7fbc4ec943ad0126582d2b156f379d55eae24fd4572ab07fcfba638319cf265da515329dc3145c84be
- SSDEEP
  
  768:pMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lRiJ3j2RK/cu:iNW71rcYDAWeotvXl8p2cc
Score

10^/10

xtremerat persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratpersistenceratspywareupx

behavioral2

xtremeratpersistenceratspywareupx

© 2018-2025

Terms | Privacy