xtremerat | f2ac1d0feeaeff5ee3569cbfade56f8287b8f7febbb1fe88a117ec86336ee317 | Triage

Submit
Reports

Overview

overview

Static

static

3

ab53c99262...18.exe

windows7-x64

ab53c99262...18.exe

windows10-2004-x64

Sharing

General

Target

ab53c99262a904d3288354430774254a_JaffaCakes118
Size

89KB
Sample

240614-zagf2aydll
MD5

ab53c99262a904d3288354430774254a
SHA1

7d7d9c71733ed56d3a1902671a0828132d295827
SHA256

f2ac1d0feeaeff5ee3569cbfade56f8287b8f7febbb1fe88a117ec86336ee317
SHA512

5a1b7cd678a04e56e13776a6bc2039894231440bf54529a310288e5584fc26fcd7c4448a8a4649b113e8bb491b8929739c61a21da9227cf58cd11d9fd966e227
SSDEEP

1536:hfteRCzl2x7/Gh3ZdW4J8q06mul+BLemg5Tf9u8N:ttR2B/Gh3tJhlEDgZfYW

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ab53c99262a904d3288354430774254a_JaffaCakes118.exe

Resource

win7-20231129-en

xtremerat persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab53c99262a904d3288354430774254a_JaffaCakes118.exe

Resource

win10v2004-20240611-en

xtremerat persistence rat spyware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ab53c99262a904d3288354430774254a_JaffaCakes118
- Size
  
  89KB
- MD5
  
  ab53c99262a904d3288354430774254a
- SHA1
  
  7d7d9c71733ed56d3a1902671a0828132d295827
- SHA256
  
  f2ac1d0feeaeff5ee3569cbfade56f8287b8f7febbb1fe88a117ec86336ee317
- SHA512
  
  5a1b7cd678a04e56e13776a6bc2039894231440bf54529a310288e5584fc26fcd7c4448a8a4649b113e8bb491b8929739c61a21da9227cf58cd11d9fd966e227
- SSDEEP
  
  1536:hfteRCzl2x7/Gh3ZdW4J8q06mul+BLemg5Tf9u8N:ttR2B/Gh3tJhlEDgZfYW
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2024

Terms | Privacy