xtremerat | 84e0ca5e5f7f6fb01336f65c3271bccb0d02682abe93ed63e612fcc1d3059d4e | Triage

Submit
Reports

Overview

overview

Static

static

c4d9663205...71.exe

windows7-x64

c4d9663205...71.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c4d9663205caf2f44d082e14debb5571
Size

65KB
Sample

240313-dxy4psde97
MD5

c4d9663205caf2f44d082e14debb5571
SHA1

f81640493c457887e35b1b30ba548546ca2349bc
SHA256

84e0ca5e5f7f6fb01336f65c3271bccb0d02682abe93ed63e612fcc1d3059d4e
SHA512

4eaa4205077c56d16d9e7d8fd9599655d7c4a950743a69b98af9a93078261d4cfb463a843a5d68493afc7e677a33166997d515c9f149cb442f3f47418821e87c
SSDEEP

768:d9m1Sq4NQkrBsH1U8z05DeeQuMVTyN8ipHo37Vmd6AeXVtWAJ7A+7voNwOSZLqUj:asq+Q1aZQuIyJp0mgA+FJ0LNwt

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c4d9663205caf2f44d082e14debb5571.exe

Resource

win7-20240221-en

xtremerat persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c4d9663205caf2f44d082e14debb5571.exe

Resource

win10v2004-20240226-en

xtremerat persistence rat spyware

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

managermagic.no-ip.org

Targets

- Target
  
  c4d9663205caf2f44d082e14debb5571
- Size
  
  65KB
- MD5
  
  c4d9663205caf2f44d082e14debb5571
- SHA1
  
  f81640493c457887e35b1b30ba548546ca2349bc
- SHA256
  
  84e0ca5e5f7f6fb01336f65c3271bccb0d02682abe93ed63e612fcc1d3059d4e
- SHA512
  
  4eaa4205077c56d16d9e7d8fd9599655d7c4a950743a69b98af9a93078261d4cfb463a843a5d68493afc7e677a33166997d515c9f149cb442f3f47418821e87c
- SSDEEP
  
  768:d9m1Sq4NQkrBsH1U8z05DeeQuMVTyN8ipHo37Vmd6AeXVtWAJ7A+7voNwOSZLqUj:asq+Q1aZQuIyJp0mgA+FJ0LNwt
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2025

Terms | Privacy