xtremerat | f587e66b8e8cd833a33eb7a2ae3e0f14577bfbeb1f8d72ae6d029161f7b1c2d0 | Triage

Submit
Reports

Overview

overview

Static

static

3

9da4aefeb9...18.exe

windows7-x64

9da4aefeb9...18.exe

windows10-2004-x64

Sharing

General

Target

9da4aefeb9cc1590ac1a54c62344483f_JaffaCakes118
Size

487KB
Sample

241125-yxyhds1jfp
MD5

9da4aefeb9cc1590ac1a54c62344483f
SHA1

8da31b69a931feb9be61312da6075567e46c7a0f
SHA256

f587e66b8e8cd833a33eb7a2ae3e0f14577bfbeb1f8d72ae6d029161f7b1c2d0
SHA512

1fad6cb03a2e856991c55f9f6bc22f2b5799d8399db6246d588a093415b5d239c96aaf884198be375b40e10c9eb9d4dc2da1bf6d9adf9b9a0761640361e72874
SSDEEP

12288:1UPX8O88Ws0N4QlGuQjW/OR3CktmN9HjtbkLH4u:1O8s0iQE7jWMNtQ95bkT4u

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9da4aefeb9cc1590ac1a54c62344483f_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9da4aefeb9cc1590ac1a54c62344483f_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  9da4aefeb9cc1590ac1a54c62344483f_JaffaCakes118
- Size
  
  487KB
- MD5
  
  9da4aefeb9cc1590ac1a54c62344483f
- SHA1
  
  8da31b69a931feb9be61312da6075567e46c7a0f
- SHA256
  
  f587e66b8e8cd833a33eb7a2ae3e0f14577bfbeb1f8d72ae6d029161f7b1c2d0
- SHA512
  
  1fad6cb03a2e856991c55f9f6bc22f2b5799d8399db6246d588a093415b5d239c96aaf884198be375b40e10c9eb9d4dc2da1bf6d9adf9b9a0761640361e72874
- SSDEEP
  
  12288:1UPX8O88Ws0N4QlGuQjW/OR3CktmN9HjtbkLH4u:1O8s0iQE7jWMNtQ95bkT4u
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2024

Terms | Privacy