xtremerat | f7e19d70e0f46d87c813bd371e752261436437d721dc9a99fb81c39420621c8d | Triage

Submit
Reports

Overview

overview

Static

static

efaf9583f5...18.exe

windows7-x64

efaf9583f5...18.exe

windows10-2004-x64

Sharing

General

Target

efaf9583f501557601f7acc59d1a7d32_JaffaCakes118
Size

62KB
Sample

240414-2nx22sfg83
MD5

efaf9583f501557601f7acc59d1a7d32
SHA1

462da960c5f411ff2002cc2d68b9876ed0358b29
SHA256

f7e19d70e0f46d87c813bd371e752261436437d721dc9a99fb81c39420621c8d
SHA512

523de41e53d09448bdaf5a108de13269b00c79485fbcb449c4d265a8124c9b735fa13e4e972020385d291ede43f76a3d5845719462fe1312dee1b42da5d67526
SSDEEP

1536:hNW71rcYDAWeotvXliBghB29g4p9GDRlzch9QBUiAESG6m:hNW7dEvotvXmgj264zaQQB

Score

10^/10

xtremerat persistence rat spyware upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

efaf9583f501557601f7acc59d1a7d32_JaffaCakes118.exe

Resource

win7-20240221-en

xtremerat persistence rat spyware upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

efaf9583f501557601f7acc59d1a7d32_JaffaCakes118.exe

Resource

win10v2004-20240226-en

xtremerat persistence rat spyware upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

klawchi.no-ip.org

Targets

- Target
  
  efaf9583f501557601f7acc59d1a7d32_JaffaCakes118
- Size
  
  62KB
- MD5
  
  efaf9583f501557601f7acc59d1a7d32
- SHA1
  
  462da960c5f411ff2002cc2d68b9876ed0358b29
- SHA256
  
  f7e19d70e0f46d87c813bd371e752261436437d721dc9a99fb81c39420621c8d
- SHA512
  
  523de41e53d09448bdaf5a108de13269b00c79485fbcb449c4d265a8124c9b735fa13e4e972020385d291ede43f76a3d5845719462fe1312dee1b42da5d67526
- SSDEEP
  
  1536:hNW71rcYDAWeotvXliBghB29g4p9GDRlzch9QBUiAESG6m:hNW7dEvotvXmgj264zaQQB
Score

10^/10

xtremerat persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xtremeratpersistenceratspywareupx

behavioral2

xtremeratpersistenceratspywareupx

© 2018-2024

Terms | Privacy