xtremerat | a505d36069a5ea5540b180f86b1ec6b64cf82d2ef2b71357f0a67611db38dd91 | Triage

Submit
Reports

Overview

overview

Static

static

3

377cb43a5b...18.exe

windows7-x64

377cb43a5b...18.exe

windows10-2004-x64

Sharing

General

Target

377cb43a5bc5647eac36dff8b3713443_JaffaCakes118
Size

223KB
Sample

241012-ac794awcpn
MD5

377cb43a5bc5647eac36dff8b3713443
SHA1

70601efc8bdbd8bd6983e5fe13017b4050d9a6b8
SHA256

a505d36069a5ea5540b180f86b1ec6b64cf82d2ef2b71357f0a67611db38dd91
SHA512

0595d2b3cca7fe2992df2cb5abbbdc479de871eee01d8556ca3505b79fdb5eea361a68caac8d0cec32773f2547e4c2d174d72fa62acf4451cad5b4bc1f88a33b
SSDEEP

6144:6iA1MnUWO1RNRgm2rgxXv8/o7Ulppd3W/n9ZbU42l74:bAWKRNRhLu/plrdqby

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

377cb43a5bc5647eac36dff8b3713443_JaffaCakes118.exe

Resource

win7-20241010-en

xtremerat discovery persistence rat spyware

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

377cb43a5bc5647eac36dff8b3713443_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  377cb43a5bc5647eac36dff8b3713443_JaffaCakes118
- Size
  
  223KB
- MD5
  
  377cb43a5bc5647eac36dff8b3713443
- SHA1
  
  70601efc8bdbd8bd6983e5fe13017b4050d9a6b8
- SHA256
  
  a505d36069a5ea5540b180f86b1ec6b64cf82d2ef2b71357f0a67611db38dd91
- SHA512
  
  0595d2b3cca7fe2992df2cb5abbbdc479de871eee01d8556ca3505b79fdb5eea361a68caac8d0cec32773f2547e4c2d174d72fa62acf4451cad5b4bc1f88a33b
- SSDEEP
  
  6144:6iA1MnUWO1RNRgm2rgxXv8/o7Ulppd3W/n9ZbU42l74:bAWKRNRhLu/plrdqby
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy