General

  • Target: d9a57ff763e5df446bb83f18e4dda245148dabf6988c24dc813a83b1271c870bN.exe
  • Size: 65KB
  • Sample: 241129-hjpqbs1mdv
  • MD5: 902b1c05455ca5b638162dfad59c9cc0
  • SHA1: 738aace79fd0d5a59c82b17fe91e832c0429d8db
  • SHA256: d9a57ff763e5df446bb83f18e4dda245148dabf6988c24dc813a83b1271c870b
  • SHA512: cd0ebafc5803774eed0c220710298d9bfafb26a0daaa6ab7ec30af6b8e241298da4b4ce4c9bfb73125fd7e5658656229ee298c2ac687aba9dbaf6a47380a8888
  • SSDEEP: 768:i8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnc6/yyR+P2ujfHi5KPA+7XoD:Qsq+QV4rObAdXWpffy/bozNwipr

Malware Config

Extracted

  • Family: xtremerat
  • C2: syrianow.zapto.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family
