xtremerat | 5808a3f782733ee2eeeb73e51213cedc0af02b94336b9497ed0a49d31c4ec005 | Triage

Submit
Reports

Overview

overview

Static

static

d0a5e127f1...18.exe

windows7-x64

d0a5e127f1...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

d0a5e127f1ebe1e981e8dfa9f64de2f6_JaffaCakes118
Size

301KB
Sample

240906-3je64stdma
MD5

d0a5e127f1ebe1e981e8dfa9f64de2f6
SHA1

4453c571a2781823cb03ce71f8526f50142e3ef6
SHA256

5808a3f782733ee2eeeb73e51213cedc0af02b94336b9497ed0a49d31c4ec005
SHA512

385a7c9177534dfe20f89485023afb2bc1d642161b8c9b35cb5d9fc531a5f8b3f6b8de22ba4c2be9c227f641b14c57fad5ea2aa8d3b8df811453320e87ed3abd
SSDEEP

768:W8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiiazof83Nw:ksq+QV4rObAdXWpf/y+qof83N0T2ox

Score

10^/10

xtremerat discovery persistence rat spyware upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

d0a5e127f1ebe1e981e8dfa9f64de2f6_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

d0a5e127f1ebe1e981e8dfa9f64de2f6_JaffaCakes118.exe

Resource

win10v2004-20240802-en

xtremerat discovery persistence rat spyware upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  d0a5e127f1ebe1e981e8dfa9f64de2f6_JaffaCakes118
- Size
  
  301KB
- MD5
  
  d0a5e127f1ebe1e981e8dfa9f64de2f6
- SHA1
  
  4453c571a2781823cb03ce71f8526f50142e3ef6
- SHA256
  
  5808a3f782733ee2eeeb73e51213cedc0af02b94336b9497ed0a49d31c4ec005
- SHA512
  
  385a7c9177534dfe20f89485023afb2bc1d642161b8c9b35cb5d9fc531a5f8b3f6b8de22ba4c2be9c227f641b14c57fad5ea2aa8d3b8df811453320e87ed3abd
- SSDEEP
  
  768:W8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiiazof83Nw:ksq+QV4rObAdXWpf/y+qof83N0T2ox
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspywareupx

behavioral2

xtremeratdiscoverypersistenceratspywareupx

© 2018-2025

Terms | Privacy