xtremerat

General

Target

ba7a6160f39bc78a48701eea66156a1c_JaffaCakes118
Size

724KB
Sample

241202-2fdnfaskhp
MD5

ba7a6160f39bc78a48701eea66156a1c
SHA1

0140dafae4956a19b424195afa83117717aa55b0
SHA256

424aa51646d8e3003e9ca8cfc0da3e50877b46a3a297bf4dcaa30e07c4ad9641
SHA512

8cc867efd21f3c39c050171abe7c1c783346dac1b2d28f8808cdb4a8382760c74ffc2bb4ee4a488f18ae41e5565e25c54d0532950b3ec1db423da228563aa461
SSDEEP

3072:7sTkgR6gA2YQCO17fami7muyjKZOAo2XDphzMn8cvlGE5o19jYkCy7A6iw6QL7Z0:7Z8hzCEw

Score

10^/10

Malware Config

Extracted

Family

xtremerat

C2

abdallam.no-ip.biz

Targets

- Target
  
  ba7a6160f39bc78a48701eea66156a1c_JaffaCakes118
- Size
  
  724KB
- MD5
  
  ba7a6160f39bc78a48701eea66156a1c
- SHA1
  
  0140dafae4956a19b424195afa83117717aa55b0
- SHA256
  
  424aa51646d8e3003e9ca8cfc0da3e50877b46a3a297bf4dcaa30e07c4ad9641
- SHA512
  
  8cc867efd21f3c39c050171abe7c1c783346dac1b2d28f8808cdb4a8382760c74ffc2bb4ee4a488f18ae41e5565e25c54d0532950b3ec1db423da228563aa461
- SSDEEP
  
  3072:7sTkgR6gA2YQCO17fami7muyjKZOAo2XDphzMn8cvlGE5o19jYkCy7A6iw6QL7Z0:7Z8hzCEw
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect XtremeRAT payload

Xtremerat family

Suspicious use of SetThreadContext

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2