xtremerat | a5073a9ef9065f44feb18deee27fe3cc811df77d76cc1f3959f044ff073e4782 | Triage

Submit
Reports

Overview

overview

Static

static

3

de779d35ab...18.exe

windows7-x64

de779d35ab...18.exe

windows10-2004-x64

Sharing

General

Target

de779d35ab982cb6adef46784b466d44_JaffaCakes118
Size

126KB
Sample

241210-ztplraylgy
MD5

de779d35ab982cb6adef46784b466d44
SHA1

3dfd99fbd994aa9db33c14e5ad79737e99d8fb00
SHA256

a5073a9ef9065f44feb18deee27fe3cc811df77d76cc1f3959f044ff073e4782
SHA512

a2354d7ac7abed0967d18bacd16d6bea09d2dc678f8150050c76fb931687ddd4e0f3f94492e1fa4a346e18c8e8976e45dc2bf6bda057327b9ddec89b53759273
SSDEEP

3072:Jwp1Ua0iGQFWW7B73PUBOZ8jUbG5p6vUClQb1brny2GsV8Pg:eH0PQIW7BYcZ8jUbG5p63Y1bDyVfI

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

de779d35ab982cb6adef46784b466d44_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

de779d35ab982cb6adef46784b466d44_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  de779d35ab982cb6adef46784b466d44_JaffaCakes118
- Size
  
  126KB
- MD5
  
  de779d35ab982cb6adef46784b466d44
- SHA1
  
  3dfd99fbd994aa9db33c14e5ad79737e99d8fb00
- SHA256
  
  a5073a9ef9065f44feb18deee27fe3cc811df77d76cc1f3959f044ff073e4782
- SHA512
  
  a2354d7ac7abed0967d18bacd16d6bea09d2dc678f8150050c76fb931687ddd4e0f3f94492e1fa4a346e18c8e8976e45dc2bf6bda057327b9ddec89b53759273
- SSDEEP
  
  3072:Jwp1Ua0iGQFWW7B73PUBOZ8jUbG5p6vUClQb1brny2GsV8Pg:eH0PQIW7BYcZ8jUbG5p63Y1bDyVfI
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy