xtremerat | f3fdefc35425f5662857e824d3f3917e585279c94da1363989e0558dd0ab18c4 | Triage

Submit
Reports

Overview

overview

Static

static

3

55a9edfba6...18.exe

windows7-x64

55a9edfba6...18.exe

windows10-2004-x64

Sharing

General

Target

55a9edfba6daa06af8625525195a7410_JaffaCakes118
Size

109KB
Sample

241018-fy8ewasdnr
MD5

55a9edfba6daa06af8625525195a7410
SHA1

09448ecf4dffc65c363932f3631c6e99cb0122e7
SHA256

f3fdefc35425f5662857e824d3f3917e585279c94da1363989e0558dd0ab18c4
SHA512

e0c8ebf92bbf02bd5171ad57e18bab6fc69322201f02a73037cc97a532ed422ff0e6b0ba2f6616d4b629a7e52c1438bc90c259c9017dae95b0e4233f2a79efd0
SSDEEP

3072:KtfBGKgiWncy+o1z1Us4LfI0OisVoVGJAT:8fBGxiWnoo1z+s014aGJAT

Score

10^/10

xtremerat discovery persistence rat spyware upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

55a9edfba6daa06af8625525195a7410_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

55a9edfba6daa06af8625525195a7410_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  55a9edfba6daa06af8625525195a7410_JaffaCakes118
- Size
  
  109KB
- MD5
  
  55a9edfba6daa06af8625525195a7410
- SHA1
  
  09448ecf4dffc65c363932f3631c6e99cb0122e7
- SHA256
  
  f3fdefc35425f5662857e824d3f3917e585279c94da1363989e0558dd0ab18c4
- SHA512
  
  e0c8ebf92bbf02bd5171ad57e18bab6fc69322201f02a73037cc97a532ed422ff0e6b0ba2f6616d4b629a7e52c1438bc90c259c9017dae95b0e4233f2a79efd0
- SSDEEP
  
  3072:KtfBGKgiWncy+o1z1Us4LfI0OisVoVGJAT:8fBGxiWnoo1z+s014aGJAT
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspywareupx

behavioral2

xtremeratdiscoverypersistenceratspywareupx

© 2018-2024

Terms | Privacy