xtremerat | 5a4f573a3dd782ead6e2c328870f00e6172bf36d80888d0dbf7e490fb3f5f21f | Triage

Submit
Reports

Overview

overview

Static

static

7

671b203d92...18.exe

windows7-x64

671b203d92...18.exe

windows10-2004-x64

Sharing

General

Target

671b203d924da9d4c77e232180702d67_JaffaCakes118
Size

42KB
Sample

241021-yj6xlssfnd
MD5

671b203d924da9d4c77e232180702d67
SHA1

21cad9b28c6c860a657de467d163eb1ba43be93b
SHA256

5a4f573a3dd782ead6e2c328870f00e6172bf36d80888d0dbf7e490fb3f5f21f
SHA512

697bd541ffcadd01cb08ff745410b5f8e7cc12b59d2f1d851c5a0a24557530523d3f0769a61db14f629034832eabff3714a87e0eae49d5245d22217bf282451f
SSDEEP

768:8jups9Xmn9VyMltWqPsJQYCOGpVTOD4pR2WgInNJw+6lg6WEGnxYbPrj:HiWnWjqP0QYzGpgDArn56S6WEdn

Score

10^/10

xtremerat aspackv2 discovery persistence rat spyware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

671b203d924da9d4c77e232180702d67_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

671b203d924da9d4c77e232180702d67_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

耀27dreamupdata.no-ip.biz

Targets

- Target
  
  671b203d924da9d4c77e232180702d67_JaffaCakes118
- Size
  
  42KB
- MD5
  
  671b203d924da9d4c77e232180702d67
- SHA1
  
  21cad9b28c6c860a657de467d163eb1ba43be93b
- SHA256
  
  5a4f573a3dd782ead6e2c328870f00e6172bf36d80888d0dbf7e490fb3f5f21f
- SHA512
  
  697bd541ffcadd01cb08ff745410b5f8e7cc12b59d2f1d851c5a0a24557530523d3f0769a61db14f629034832eabff3714a87e0eae49d5245d22217bf282451f
- SSDEEP
  
  768:8jups9Xmn9VyMltWqPsJQYCOGpVTOD4pR2WgInNJw+6lg6WEGnxYbPrj:HiWnWjqP0QYzGpgDArn56S6WEdn
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2024

Terms | Privacy