xtremerat | c470b81aa632fe7b9fb4a4d04c5c800d3bab9eca195f70ffed1affc9dc6aea6c | Triage

Submit
Reports

Overview

overview

Static

static

3

e836cd29fd...18.exe

windows7-x64

e836cd29fd...18.exe

windows10-2004-x64

Sharing

General

Target

e836cd29fd4f6e3a0f6d9ad859f9b64f_JaffaCakes118
Size

86KB
Sample

241212-zlc8raypgk
MD5

e836cd29fd4f6e3a0f6d9ad859f9b64f
SHA1

6e747d5ce2f414e898dc2a767b34de41aeb60b27
SHA256

c470b81aa632fe7b9fb4a4d04c5c800d3bab9eca195f70ffed1affc9dc6aea6c
SHA512

e497293ec873c1a281e810e5d9f2afb30453a2358f281b9e16e8612c376633daf8a492c6535c923558667462c06084801a4951460275b52b7ea457bcfef679bf
SSDEEP

1536:ERaaXjRUtqgI8au7MkRW5dWtQvVAnrIhj/R6hl+Lv:EkaXef7hRsWCtAnrIF/RowL

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e836cd29fd4f6e3a0f6d9ad859f9b64f_JaffaCakes118.exe

Resource

win7-20241010-en

xtremerat discovery persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e836cd29fd4f6e3a0f6d9ad859f9b64f_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  e836cd29fd4f6e3a0f6d9ad859f9b64f_JaffaCakes118
- Size
  
  86KB
- MD5
  
  e836cd29fd4f6e3a0f6d9ad859f9b64f
- SHA1
  
  6e747d5ce2f414e898dc2a767b34de41aeb60b27
- SHA256
  
  c470b81aa632fe7b9fb4a4d04c5c800d3bab9eca195f70ffed1affc9dc6aea6c
- SHA512
  
  e497293ec873c1a281e810e5d9f2afb30453a2358f281b9e16e8612c376633daf8a492c6535c923558667462c06084801a4951460275b52b7ea457bcfef679bf
- SSDEEP
  
  1536:ERaaXjRUtqgI8au7MkRW5dWtQvVAnrIhj/R6hl+Lv:EkaXef7hRsWCtAnrIF/RowL
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy