xtremerat | f96995899d4bc1ee309064480316a0add0e089e708e2d0c99645f08518eabdd1 | Triage

Submit
Reports

Overview

overview

Static

static

3

f0dfc3c126...18.exe

windows7-x64

f0dfc3c126...18.exe

windows10-2004-x64

3

Sharing

General

Target

f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118
Size

449KB
Sample

240415-mvbp3aeh2z
MD5

f0dfc3c1267ab4e9694e00b16fdb647d
SHA1

44812282bd1228a4b659d300815749a567169572
SHA256

f96995899d4bc1ee309064480316a0add0e089e708e2d0c99645f08518eabdd1
SHA512

1cc704e9fde7b0f4ac49f190b202ed86c53fad7ee9a61c6e7fae11a8962ade6961a5b653d9c36c239418bd181eed52ba666ca6b87b58b38cf29b885200ae446d
SSDEEP

6144:TXQAYzJMEExuJrc/vIU0SSM627FAAVBZLjJoxGq6IE2gXDD02L2jsraaHl/pqlmJ:TXQAaSuJQnIu0AVjFYGq6sd2J7qllVDw

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118.exe

Resource

win7-20231129-en

xtremerat persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118
- Size
  
  449KB
- MD5
  
  f0dfc3c1267ab4e9694e00b16fdb647d
- SHA1
  
  44812282bd1228a4b659d300815749a567169572
- SHA256
  
  f96995899d4bc1ee309064480316a0add0e089e708e2d0c99645f08518eabdd1
- SHA512
  
  1cc704e9fde7b0f4ac49f190b202ed86c53fad7ee9a61c6e7fae11a8962ade6961a5b653d9c36c239418bd181eed52ba666ca6b87b58b38cf29b885200ae446d
- SSDEEP
  
  6144:TXQAYzJMEExuJrc/vIU0SSM627FAAVBZLjJoxGq6IE2gXDD02L2jsraaHl/pqlmJ:TXQAaSuJQnIu0AVjFYGq6sd2J7qllVDw
Score

10^/10

xtremerat persistence rat spyware
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

© 2018-2024

Terms | Privacy