xtremerat | 2988a2c0f0aa9ed1aa8feee24bca194bbaf8d907a5f120910db6f4bb3c7adaac | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...60.exe

windows7-x64

JaffaCakes...60.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_e8d3bb336339dd1af4d64f6fdebcfa60
Size

372KB
Sample

250120-qqmhjs1nfq
MD5

e8d3bb336339dd1af4d64f6fdebcfa60
SHA1

bf3b1b32effdde2a3e3bae15c9e76e42cb694eb8
SHA256

2988a2c0f0aa9ed1aa8feee24bca194bbaf8d907a5f120910db6f4bb3c7adaac
SHA512

ef96e5809aea41dde9cb7d24cf6dffb563cb59da379223b47b1df48c4c583c5c81edc89f7ce2a7088d0c7c6b1745e6a64f75379a15d936b21dc6545393b8aadc
SSDEEP

3072:8iKmc7GSk7CyEJMDtkkXfC8sbYH6irTi:RKgXXa8xH6irT

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_e8d3bb336339dd1af4d64f6fdebcfa60.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_e8d3bb336339dd1af4d64f6fdebcfa60.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_e8d3bb336339dd1af4d64f6fdebcfa60
- Size
  
  372KB
- MD5
  
  e8d3bb336339dd1af4d64f6fdebcfa60
- SHA1
  
  bf3b1b32effdde2a3e3bae15c9e76e42cb694eb8
- SHA256
  
  2988a2c0f0aa9ed1aa8feee24bca194bbaf8d907a5f120910db6f4bb3c7adaac
- SHA512
  
  ef96e5809aea41dde9cb7d24cf6dffb563cb59da379223b47b1df48c4c583c5c81edc89f7ce2a7088d0c7c6b1745e6a64f75379a15d936b21dc6545393b8aadc
- SSDEEP
  
  3072:8iKmc7GSk7CyEJMDtkkXfC8sbYH6irTi:RKgXXa8xH6irT
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy