xtremerat | b8e8a4a2976eba4ec3f8e9feb27ca9f11113f5e0906a9cae811560815fc1f35e | Triage

Submit
Reports

Overview

overview

Static

static

eedc22e980...18.exe

windows7-x64

eedc22e980...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

eedc22e9805d50860ac45ec28e4b7caf_JaffaCakes118
Size

44KB
Sample

240921-ced55szenl
MD5

eedc22e9805d50860ac45ec28e4b7caf
SHA1

0f308c0686b1f3f9e345dcdf24d1274ce603fb4f
SHA256

b8e8a4a2976eba4ec3f8e9feb27ca9f11113f5e0906a9cae811560815fc1f35e
SHA512

502cdac8e81b1ec08481fa879f2341af181c27c66857e54ee30f57806b7e03d17b8b880f29e1df8d8e70b8da7aeddd70be75f9bd0b969cb0783b74e1443e8eae
SSDEEP

768:rBr+tjFlTPkAlfztB1lr6an3sGTruvm2DfOTwYPI+zoJ1L:FyRvHlrL1lr6anXTruvm2buQCozL

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

eedc22e9805d50860ac45ec28e4b7caf_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

eedc22e9805d50860ac45ec28e4b7caf_JaffaCakes118.exe

Resource

win10v2004-20240802-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  eedc22e9805d50860ac45ec28e4b7caf_JaffaCakes118
- Size
  
  44KB
- MD5
  
  eedc22e9805d50860ac45ec28e4b7caf
- SHA1
  
  0f308c0686b1f3f9e345dcdf24d1274ce603fb4f
- SHA256
  
  b8e8a4a2976eba4ec3f8e9feb27ca9f11113f5e0906a9cae811560815fc1f35e
- SHA512
  
  502cdac8e81b1ec08481fa879f2341af181c27c66857e54ee30f57806b7e03d17b8b880f29e1df8d8e70b8da7aeddd70be75f9bd0b969cb0783b74e1443e8eae
- SSDEEP
  
  768:rBr+tjFlTPkAlfztB1lr6an3sGTruvm2DfOTwYPI+zoJ1L:FyRvHlrL1lr6anXTruvm2buQCozL
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy