xtremerat | c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155 | Triage

Submit
Reports

Overview

overview

Static

static

c9a4688f86...55.exe

windows7-x64

c9a4688f86...55.exe

windows10-2004-x64

Sharing

General

Target

c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155.exe
Size

65KB
Sample

241127-pjphwszldj
MD5

5bef2dd96e9b8f7e30dd50f759d634a5
SHA1

1bba2373219ef0752575598d49bfc2e85485c1a1
SHA256

c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155
SHA512

b55492b756d37b95f290ebe6ccdc49ac745111688a0acdd472f65f10456a2ca60a1fa2b123d53f23e6284c02bbde9f0b58d73d105ee8c9b1423555979fe01500
SSDEEP

768:i8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnc6/yyR+P2ujfHi5KPA+7XoR:Qsq+QV4rObAdXWpffy/bozNwipJ

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155.exe

Resource

win7-20241010-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

syrianow.zapto.org

Targets

- Target
  
  c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155.exe
- Size
  
  65KB
- MD5
  
  5bef2dd96e9b8f7e30dd50f759d634a5
- SHA1
  
  1bba2373219ef0752575598d49bfc2e85485c1a1
- SHA256
  
  c9a4688f8653d355698d84fa7c40299b583f60e1d9dde7ec9ab6ad8055c21155
- SHA512
  
  b55492b756d37b95f290ebe6ccdc49ac745111688a0acdd472f65f10456a2ca60a1fa2b123d53f23e6284c02bbde9f0b58d73d105ee8c9b1423555979fe01500
- SSDEEP
  
  768:i8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnc6/yyR+P2ujfHi5KPA+7XoR:Qsq+QV4rObAdXWpffy/bozNwipJ
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2024

Terms | Privacy