xtremerat | a30959b60d6f742271c5ef10fc64541a78c82ea168463fe13a7c575e30e8b338 | Triage

Submit
Reports

Overview

overview

Static

static

f45d72a040...18.exe

windows7-x64

f45d72a040...18.exe

windows10-2004-x64

Sharing

General

Target

f45d72a040e5133b448c043eb554a676_JaffaCakes118
Size

62KB
Sample

240416-1bngeadb23
MD5

f45d72a040e5133b448c043eb554a676
SHA1

0f9f197bdcab954f6887fa1717ebe04f615e81a2
SHA256

a30959b60d6f742271c5ef10fc64541a78c82ea168463fe13a7c575e30e8b338
SHA512

1427ee5d26ffb007a41a3b6ed79369f63d08a41249edf8e51f993aa87399e57cc9ff39c44192ad42cf7c4e645437671d626e1c42e6c9cd814e81d35f9987762b
SSDEEP

1536:sT8qDqQMK9MK39GjbNwPZ6Y4eXHWTl5NX3VV:Sq8yKNcPeXHW5H

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f45d72a040e5133b448c043eb554a676_JaffaCakes118.exe

Resource

win7-20240215-en

xtremerat persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f45d72a040e5133b448c043eb554a676_JaffaCakes118.exe

Resource

win10v2004-20240412-en

xtremerat persistence rat spyware

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

mmhsadmin.no-ip.biz

Targets

- Target
  
  f45d72a040e5133b448c043eb554a676_JaffaCakes118
- Size
  
  62KB
- MD5
  
  f45d72a040e5133b448c043eb554a676
- SHA1
  
  0f9f197bdcab954f6887fa1717ebe04f615e81a2
- SHA256
  
  a30959b60d6f742271c5ef10fc64541a78c82ea168463fe13a7c575e30e8b338
- SHA512
  
  1427ee5d26ffb007a41a3b6ed79369f63d08a41249edf8e51f993aa87399e57cc9ff39c44192ad42cf7c4e645437671d626e1c42e6c9cd814e81d35f9987762b
- SSDEEP
  
  1536:sT8qDqQMK9MK39GjbNwPZ6Y4eXHWTl5NX3VV:Sq8yKNcPeXHW5H
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2024

Terms | Privacy