xtremerat | 404095c2d1b2faff39969b952eac822d1a4dc61b4c0d2e4c6db2a29870646cb0 | Triage

Submit
Reports

Overview

overview

Static

static

3

e3da07473d...18.exe

windows7-x64

e3da07473d...18.exe

windows10-2004-x64

Sharing

General

Target

e3da07473d8361f6ee34113987b5cae7_JaffaCakes118
Size

341KB
Sample

240407-cyzwysbc48
MD5

e3da07473d8361f6ee34113987b5cae7
SHA1

1eb02923a8327d9754752d8631b14c8e364ce7b7
SHA256

404095c2d1b2faff39969b952eac822d1a4dc61b4c0d2e4c6db2a29870646cb0
SHA512

c3c48a10913aa744439d908d5337b8328de6595ca63719825fe84e56d90b86a5531554eb623616dce41ae86eebe08aa1425888f7ebd200bd206e12e1973ff53a
SSDEEP

1536:l0LCEWYTuK652xCAq3TNbbYKxXWgHeHGqLGjNBsyRxpPfw1npfBHFg2l0AkSo:+LC+u+9mq+Th9gZlg2aHZ

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e3da07473d8361f6ee34113987b5cae7_JaffaCakes118.exe

Resource

win7-20240221-en

xtremerat persistence rat spyware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

e3da07473d8361f6ee34113987b5cae7_JaffaCakes118.exe

Resource

win10v2004-20231215-en

xtremerat persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  e3da07473d8361f6ee34113987b5cae7_JaffaCakes118
- Size
  
  341KB
- MD5
  
  e3da07473d8361f6ee34113987b5cae7
- SHA1
  
  1eb02923a8327d9754752d8631b14c8e364ce7b7
- SHA256
  
  404095c2d1b2faff39969b952eac822d1a4dc61b4c0d2e4c6db2a29870646cb0
- SHA512
  
  c3c48a10913aa744439d908d5337b8328de6595ca63719825fe84e56d90b86a5531554eb623616dce41ae86eebe08aa1425888f7ebd200bd206e12e1973ff53a
- SSDEEP
  
  1536:l0LCEWYTuK652xCAq3TNbbYKxXWgHeHGqLGjNBsyRxpPfw1npfBHFg2l0AkSo:+LC+u+9mq+Th9gZlg2aHZ
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2024

Terms | Privacy