xtremerat | 15e2f60d099421543c908ae38d777d0ccfa8a009790e72428e31dccc6c75b0ee | Triage

Submit
Reports

Overview

overview

Static

static

3

f96a16e31d...18.exe

windows7-x64

f96a16e31d...18.exe

windows10-2004-x64

Sharing

General

Target

f96a16e31d7c99d5b09d01401b826c0b_JaffaCakes118
Size

160KB
Sample

241218-at2hwavkax
MD5

f96a16e31d7c99d5b09d01401b826c0b
SHA1

989015b9b0b6797f48c8dc9c84bd641ed366566e
SHA256

15e2f60d099421543c908ae38d777d0ccfa8a009790e72428e31dccc6c75b0ee
SHA512

87c60244893bfac8d5c6dd0d474bd7776012b1940fafd03951d4c259e42ebd3d065bf5646a43dc3ac3863cd5bbc8737f483afde762b023509ae8a3e1fdcf44ec
SSDEEP

3072:pmG/oXBcT7JkjkstZ1uy/Z17mko9CRNfETVL9WA:pAxcx8J5uybal9C3Y3WA

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f96a16e31d7c99d5b09d01401b826c0b_JaffaCakes118.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f96a16e31d7c99d5b09d01401b826c0b_JaffaCakes118.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

esam2at.no-ip.biz

Targets

- Target
  
  f96a16e31d7c99d5b09d01401b826c0b_JaffaCakes118
- Size
  
  160KB
- MD5
  
  f96a16e31d7c99d5b09d01401b826c0b
- SHA1
  
  989015b9b0b6797f48c8dc9c84bd641ed366566e
- SHA256
  
  15e2f60d099421543c908ae38d777d0ccfa8a009790e72428e31dccc6c75b0ee
- SHA512
  
  87c60244893bfac8d5c6dd0d474bd7776012b1940fafd03951d4c259e42ebd3d065bf5646a43dc3ac3863cd5bbc8737f483afde762b023509ae8a3e1fdcf44ec
- SSDEEP
  
  3072:pmG/oXBcT7JkjkstZ1uy/Z17mko9CRNfETVL9WA:pAxcx8J5uybal9C3Y3WA
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy