xtremerat | 695b8f527f922590f8e49a80d2583174c1cdf1ab015d63304b4d19f2e78136dd | Triage

Submit
Reports

Overview

overview

Static

static

3

4bc1d56dee...18.exe

windows7-x64

4bc1d56dee...18.exe

windows10-2004-x64

Sharing

General

Target

4bc1d56dee057a83511ea525eee6c66c_JaffaCakes118
Size

233KB
Sample

241016-g8z2xsxbmf
MD5

4bc1d56dee057a83511ea525eee6c66c
SHA1

918df9156641f136153676438cb3b14b6906ee8a
SHA256

695b8f527f922590f8e49a80d2583174c1cdf1ab015d63304b4d19f2e78136dd
SHA512

999dab4dfc968bcc27a403d607f5a8729cc09b20e6bb0428bc6f638674f732f87931ca3098cd925ccb113a06a7f7bed36f345b1c43a97bbbcd6c6e2150e18e48
SSDEEP

3072:yk6pnnJfny7mhwKDSRzzkbvWDHzuCsdoL/n0Y2SPxolPH2mV8EPGgiCyTjInmxCR:4nHvo2BV8EehjInmaEnrST

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4bc1d56dee057a83511ea525eee6c66c_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4bc1d56dee057a83511ea525eee6c66c_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  4bc1d56dee057a83511ea525eee6c66c_JaffaCakes118
- Size
  
  233KB
- MD5
  
  4bc1d56dee057a83511ea525eee6c66c
- SHA1
  
  918df9156641f136153676438cb3b14b6906ee8a
- SHA256
  
  695b8f527f922590f8e49a80d2583174c1cdf1ab015d63304b4d19f2e78136dd
- SHA512
  
  999dab4dfc968bcc27a403d607f5a8729cc09b20e6bb0428bc6f638674f732f87931ca3098cd925ccb113a06a7f7bed36f345b1c43a97bbbcd6c6e2150e18e48
- SSDEEP
  
  3072:yk6pnnJfny7mhwKDSRzzkbvWDHzuCsdoL/n0Y2SPxolPH2mV8EPGgiCyTjInmxCR:4nHvo2BV8EehjInmaEnrST
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy