xtremerat | 5b7d6dd5e083883e2de39ec679c5a96a95e76b461072bcd985eefcf542f6f3fd | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...f0.exe

windows7-x64

JaffaCakes...f0.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_6dfd9e59aae53b98ad50fc8817a3cff0
Size

1.2MB
Sample

250103-t64csawmgl
MD5

6dfd9e59aae53b98ad50fc8817a3cff0
SHA1

36b748aaf569bc70a80bff0d370da58f7d87ea10
SHA256

5b7d6dd5e083883e2de39ec679c5a96a95e76b461072bcd985eefcf542f6f3fd
SHA512

1ea03ceab60a7c82b62052867eee9e9e090e63467f74f18cae0285aedec3391aee261208f15cf720e469f53545bea3e3e6bc8d6118b8f9b7d6eb2d42c3edd18d
SSDEEP

24576:fb/JZbr1coVWDAc/HTvMsaFnLKBkwDJBR99RZ+yUDTZX:T/JZbJIcLKBbJRZ+ZTN

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_6dfd9e59aae53b98ad50fc8817a3cff0.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_6dfd9e59aae53b98ad50fc8817a3cff0.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_6dfd9e59aae53b98ad50fc8817a3cff0
- Size
  
  1.2MB
- MD5
  
  6dfd9e59aae53b98ad50fc8817a3cff0
- SHA1
  
  36b748aaf569bc70a80bff0d370da58f7d87ea10
- SHA256
  
  5b7d6dd5e083883e2de39ec679c5a96a95e76b461072bcd985eefcf542f6f3fd
- SHA512
  
  1ea03ceab60a7c82b62052867eee9e9e090e63467f74f18cae0285aedec3391aee261208f15cf720e469f53545bea3e3e6bc8d6118b8f9b7d6eb2d42c3edd18d
- SSDEEP
  
  24576:fb/JZbr1coVWDAc/HTvMsaFnLKBkwDJBR99RZ+yUDTZX:T/JZbJIcLKBbJRZ+ZTN
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy