xtremerat | 54e1fa1f64f36436e103af737402396f694feb401f525ef1f604ac6ccc329d1c | Triage

Submit
Reports

Overview

overview

Static

static

f285cc342d...18.exe

windows7-x64

f285cc342d...18.exe

windows10-2004-x64

Sharing

General

Target

f285cc342dcc1bef9810e585b8c7c45b_JaffaCakes118
Size

40KB
Sample

240416-ddsgtahe9t
MD5

f285cc342dcc1bef9810e585b8c7c45b
SHA1

5281c559b364811b5c321103f2d69766ea88f51d
SHA256

54e1fa1f64f36436e103af737402396f694feb401f525ef1f604ac6ccc329d1c
SHA512

7ccda096557cca72181d4e6559cf62b6923c02939d73a0ced2b1f72cdce005622a36c238ec597f738f864e71b2f623027630abbba69e94dc5df20148044326e2
SSDEEP

768:6E9hghdN12Ozhiow2Gkm++5s/pBzNBwIldW4zoWV:6u+zMOlw2GkmPs/Bld5oWV

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f285cc342dcc1bef9810e585b8c7c45b_JaffaCakes118.exe

Resource

win7-20240221-en

xtremerat persistence rat spyware

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

f285cc342dcc1bef9810e585b8c7c45b_JaffaCakes118.exe

Resource

win10v2004-20240412-en

xtremerat persistence rat spyware

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  f285cc342dcc1bef9810e585b8c7c45b_JaffaCakes118
- Size
  
  40KB
- MD5
  
  f285cc342dcc1bef9810e585b8c7c45b
- SHA1
  
  5281c559b364811b5c321103f2d69766ea88f51d
- SHA256
  
  54e1fa1f64f36436e103af737402396f694feb401f525ef1f604ac6ccc329d1c
- SHA512
  
  7ccda096557cca72181d4e6559cf62b6923c02939d73a0ced2b1f72cdce005622a36c238ec597f738f864e71b2f623027630abbba69e94dc5df20148044326e2
- SSDEEP
  
  768:6E9hghdN12Ozhiow2Gkm++5s/pBzNBwIldW4zoWV:6u+zMOlw2GkmPs/Bld5oWV
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2024

Terms | Privacy