xtremerat | 7dab7874e786405628fb032e5a2bb488c9ada6206c8af0c9c6c625584b22f523 | Triage

Submit
Reports

Overview

overview

Static

static

3

6a6171d058...18.exe

windows7-x64

6a6171d058...18.exe

windows10-2004-x64

Sharing

General

Target

6a6171d058c31d6b940a601e98e2b6bb_JaffaCakes118
Size

120KB
Sample

241022-n5p6wawbqj
MD5

6a6171d058c31d6b940a601e98e2b6bb
SHA1

7cfa5cb756d970709e4266ef17a548bea41d5a1c
SHA256

7dab7874e786405628fb032e5a2bb488c9ada6206c8af0c9c6c625584b22f523
SHA512

713e4d0bc67016ed26c55ffa104376bcc4d00dedd7a3a1cb013831a2117cf6f9e677392c482e0ec8b474ab39cbf5837a49cd3d205441ae8be654b3ee40aabfc5
SSDEEP

1536:D2uN491bIWinffR0tvSXk/EDhSHxuJvt96aD/nHOE90AooN/n48FCqu3iPAg:D61iffR0t0AHxWauvKTe/n4aCqK9

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6a6171d058c31d6b940a601e98e2b6bb_JaffaCakes118.exe

Resource

win7-20241010-en

xtremerat discovery persistence rat spyware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a6171d058c31d6b940a601e98e2b6bb_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  6a6171d058c31d6b940a601e98e2b6bb_JaffaCakes118
- Size
  
  120KB
- MD5
  
  6a6171d058c31d6b940a601e98e2b6bb
- SHA1
  
  7cfa5cb756d970709e4266ef17a548bea41d5a1c
- SHA256
  
  7dab7874e786405628fb032e5a2bb488c9ada6206c8af0c9c6c625584b22f523
- SHA512
  
  713e4d0bc67016ed26c55ffa104376bcc4d00dedd7a3a1cb013831a2117cf6f9e677392c482e0ec8b474ab39cbf5837a49cd3d205441ae8be654b3ee40aabfc5
- SSDEEP
  
  1536:D2uN491bIWinffR0tvSXk/EDhSHxuJvt96aD/nHOE90AooN/n48FCqu3iPAg:D61iffR0t0AHxWauvKTe/n4aCqK9
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2024

Terms | Privacy