xtremerat

General

Target

fd8e9e3a0442b6df909e09a9541f16c1_JaffaCakes118
Size

81KB
Sample

241218-3kte5axpcm
MD5

fd8e9e3a0442b6df909e09a9541f16c1
SHA1

9392f89e48728260e9d63336fd2de98cfaccbc90
SHA256

f139fa322d7b9fe0f1cba1099b73dd27b11ed1060c0d3599cf408bf5a369e468
SHA512

a8781a3b75b7dcdb94b755747eaa2b1fffac9dcc86b6abd7f51e1bbc5b6307bf467024fba3b312500ac5fb2d294a76a1f0f536e5ff2bf1aea7083ade6732e341
SSDEEP

1536:ZcFWD0DqiM0A9yV56WfIPhjif6DQCdBgmjNqIti9IYgdehAnaD+glR6:ZcYE3HfQBQCfNYIYgghK5glR6

Score

10^/10

Malware Config

Extracted

Family

xtremerat

C2

gaetano1997.no-ip.org

Targets

- Target
  
  fd8e9e3a0442b6df909e09a9541f16c1_JaffaCakes118
- Size
  
  81KB
- MD5
  
  fd8e9e3a0442b6df909e09a9541f16c1
- SHA1
  
  9392f89e48728260e9d63336fd2de98cfaccbc90
- SHA256
  
  f139fa322d7b9fe0f1cba1099b73dd27b11ed1060c0d3599cf408bf5a369e468
- SHA512
  
  a8781a3b75b7dcdb94b755747eaa2b1fffac9dcc86b6abd7f51e1bbc5b6307bf467024fba3b312500ac5fb2d294a76a1f0f536e5ff2bf1aea7083ade6732e341
- SSDEEP
  
  1536:ZcFWD0DqiM0A9yV56WfIPhjif6DQCdBgmjNqIti9IYgdehAnaD+glR6:ZcYE3HfQBQCfNYIYgghK5glR6
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect XtremeRAT payload

Xtremerat family

Suspicious use of SetThreadContext

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2