xtremerat | ab63d34bec79e8d17400c96c2ae4278b315110d4bd0df461e0e534b5d5d27e26 | Triage

Submit
Reports

Overview

overview

Static

static

4ca2177262...18.exe

windows7-x64

4ca2177262...18.exe

windows10-2004-x64

Sharing

General

Target

4ca2177262a3872c858531b531ff8ab9_JaffaCakes118
Size

65KB
Sample

241016-nr1epaxclb
MD5

4ca2177262a3872c858531b531ff8ab9
SHA1

50adcfc1a59b08bd044798f290982e1205ca3c63
SHA256

ab63d34bec79e8d17400c96c2ae4278b315110d4bd0df461e0e534b5d5d27e26
SHA512

b07b17ef7a63c0f361f8eca9e392b5d20793acc26859caf096648f9f8a65ffdea517c10b25a162c6fe2ffa0b5ac479a702a6254b5dc3c183709cfed2a48be017
SSDEEP

768:+qm1pqoNQErBsH1tzoisBKQI6dObAG/dq8uW29Ifncz/OyR+P2ujfniZKPA+7Xo4:qjquQV4rObAdXWpfOyf7ozNwi0p

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4ca2177262a3872c858531b531ff8ab9_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

4ca2177262a3872c858531b531ff8ab9_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  4ca2177262a3872c858531b531ff8ab9_JaffaCakes118
- Size
  
  65KB
- MD5
  
  4ca2177262a3872c858531b531ff8ab9
- SHA1
  
  50adcfc1a59b08bd044798f290982e1205ca3c63
- SHA256
  
  ab63d34bec79e8d17400c96c2ae4278b315110d4bd0df461e0e534b5d5d27e26
- SHA512
  
  b07b17ef7a63c0f361f8eca9e392b5d20793acc26859caf096648f9f8a65ffdea517c10b25a162c6fe2ffa0b5ac479a702a6254b5dc3c183709cfed2a48be017
- SSDEEP
  
  768:+qm1pqoNQErBsH1tzoisBKQI6dObAG/dq8uW29Ifncz/OyR+P2ujfniZKPA+7Xo4:qjquQV4rObAdXWpfOyf7ozNwi0p
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy