xtremerat

General

Target

JaffaCakes118_697fb9485469007d6e4c31b72265bc90
Size

134KB
Sample

250103-b9f3jsvjax
MD5

697fb9485469007d6e4c31b72265bc90
SHA1

d2a37c56f97ffeaf5b34ccd43ceb53463fc21eb5
SHA256

3dd55aaa3bd6ff4db89ba236b3d2eb97676f402a494421269a627ecb5e20b76e
SHA512

2ba8fc34512bfbe4a879cee494f37c19b63eea6ab3e11ce51a66304d64309e33e5ee2f117783b746d731663ed1b3f6d52852eb7f0d9524c2bdfbeb29e9430cb7
SSDEEP

3072:W4ofSu5F16DVWaMyKxgUEkUbQI4ng4vST:8Su5n6DVWaExfI4OT

Score

10^/10

Malware Config

Extracted

Family

xtremerat

C2

ahmed1111.no-ip.biz

Targets

- Target
  
  JaffaCakes118_697fb9485469007d6e4c31b72265bc90
- Size
  
  134KB
- MD5
  
  697fb9485469007d6e4c31b72265bc90
- SHA1
  
  d2a37c56f97ffeaf5b34ccd43ceb53463fc21eb5
- SHA256
  
  3dd55aaa3bd6ff4db89ba236b3d2eb97676f402a494421269a627ecb5e20b76e
- SHA512
  
  2ba8fc34512bfbe4a879cee494f37c19b63eea6ab3e11ce51a66304d64309e33e5ee2f117783b746d731663ed1b3f6d52852eb7f0d9524c2bdfbeb29e9430cb7
- SSDEEP
  
  3072:W4ofSu5F16DVWaMyKxgUEkUbQI4ng4vST:8Su5n6DVWaExfI4OT
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect XtremeRAT payload

Xtremerat family

Suspicious use of SetThreadContext

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2