xtremerat | 5c8a5800a8772afd57f247e9d940a3944bf84d1c0004bb89e28e8e0095dca898 | Triage

Submit
Reports

Overview

overview

Static

static

3

ef80bfef73...18.exe

windows7-x64

ef80bfef73...18.exe

windows10-2004-x64

Sharing

General

Target

ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118
Size

42KB
Sample

240414-zw2dbsgd2w
MD5

ef80bfef733b8d4c9a63723aa6b77fa2
SHA1

a7191bdd324db258acd13c384243f8ada75d3ef9
SHA256

5c8a5800a8772afd57f247e9d940a3944bf84d1c0004bb89e28e8e0095dca898
SHA512

6c7ff76347e9af3bce0ade22c2ec1aa1f19536fc008d16401c51dd0ce1c579537773b950d214e9d662c0e5f70528fcc3cf431c78e78112d64d7ad378eac6cbcd
SSDEEP

768:CkcQvm1VsbiT858p1F5H9jSZwzjUw90YmT37Dj8E4ukOh:CkcQE6bio58bf9Bzn90rHfR

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118.exe

Resource

win7-20240220-en

xtremerat persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118.exe

Resource

win10v2004-20240412-en

xtremerat persistence rat spyware

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

esam2at.no-ip.biz

Targets

- Target
  
  ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118
- Size
  
  42KB
- MD5
  
  ef80bfef733b8d4c9a63723aa6b77fa2
- SHA1
  
  a7191bdd324db258acd13c384243f8ada75d3ef9
- SHA256
  
  5c8a5800a8772afd57f247e9d940a3944bf84d1c0004bb89e28e8e0095dca898
- SHA512
  
  6c7ff76347e9af3bce0ade22c2ec1aa1f19536fc008d16401c51dd0ce1c579537773b950d214e9d662c0e5f70528fcc3cf431c78e78112d64d7ad378eac6cbcd
- SSDEEP
  
  768:CkcQvm1VsbiT858p1F5H9jSZwzjUw90YmT37Dj8E4ukOh:CkcQE6bio58bf9Bzn90rHfR
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2024

Terms | Privacy