xtremerat | a3a14a8e9f4bcc269372b3ec1d20eb580c70b33dada00cfeb49a6b6d60e2661f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

4a596f96a1...18.exe

windows7-x64

4a596f96a1...18.exe

windows10-2004-x64

Sharing

General

Target

4a596f96a1eb6b39e07ada86e6a8bf4d_JaffaCakes118
Size

65KB
Sample

241015-2n6des1dje
MD5

4a596f96a1eb6b39e07ada86e6a8bf4d
SHA1

309305d26f15aeb5255ffe11907f6ff042132552
SHA256

a3a14a8e9f4bcc269372b3ec1d20eb580c70b33dada00cfeb49a6b6d60e2661f
SHA512

17e481e63f56eb1fd5fb15a24c0e1d429685981078d54a602849422f68fa3c2eb12caee618fa2ddf764d716b19262d5bc0687fd99a433e9dde04d3f2024e7ef0
SSDEEP

768:A8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfciZKPA+7Xov:isq+QV4rObAdXWpf/yU7ozNwiF

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4a596f96a1eb6b39e07ada86e6a8bf4d_JaffaCakes118.exe

Resource

win7-20240708-en

xtremerat discovery persistence rat spyware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

4a596f96a1eb6b39e07ada86e6a8bf4d_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  4a596f96a1eb6b39e07ada86e6a8bf4d_JaffaCakes118
- Size
  
  65KB
- MD5
  
  4a596f96a1eb6b39e07ada86e6a8bf4d
- SHA1
  
  309305d26f15aeb5255ffe11907f6ff042132552
- SHA256
  
  a3a14a8e9f4bcc269372b3ec1d20eb580c70b33dada00cfeb49a6b6d60e2661f
- SHA512
  
  17e481e63f56eb1fd5fb15a24c0e1d429685981078d54a602849422f68fa3c2eb12caee618fa2ddf764d716b19262d5bc0687fd99a433e9dde04d3f2024e7ef0
- SSDEEP
  
  768:A8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfciZKPA+7Xov:isq+QV4rObAdXWpf/yU7ozNwiF
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy