xtremerat | f35859dd6d0f0db6e0af9b0aa57cbea9b31386f961c8a5e898a0c65e7fb25786 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...89.exe

windows7-x64

JaffaCakes...89.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_11cb857ecd7fb2227bbbaf4b6b1c6f89
Size

104KB
Sample

250122-24lc7azph1
MD5

11cb857ecd7fb2227bbbaf4b6b1c6f89
SHA1

0b954eed5f7e49c98cd237e5075e759a7b0b34b0
SHA256

f35859dd6d0f0db6e0af9b0aa57cbea9b31386f961c8a5e898a0c65e7fb25786
SHA512

3e2e38e9146a04804cff39320a8fb976eaab864f0af69777c395f171cd72107b3b4ccaa99d58ba0284a8e42e25233cbd3fef9cd2887e01d65f2d6048473d2fce
SSDEEP

3072:hkNBF21BhrTEC/V9E0htgO1uEThDnPIVLqSo3izNbfn32:eolAOgENncp2iZf32

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_11cb857ecd7fb2227bbbaf4b6b1c6f89.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_11cb857ecd7fb2227bbbaf4b6b1c6f89.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_11cb857ecd7fb2227bbbaf4b6b1c6f89
- Size
  
  104KB
- MD5
  
  11cb857ecd7fb2227bbbaf4b6b1c6f89
- SHA1
  
  0b954eed5f7e49c98cd237e5075e759a7b0b34b0
- SHA256
  
  f35859dd6d0f0db6e0af9b0aa57cbea9b31386f961c8a5e898a0c65e7fb25786
- SHA512
  
  3e2e38e9146a04804cff39320a8fb976eaab864f0af69777c395f171cd72107b3b4ccaa99d58ba0284a8e42e25233cbd3fef9cd2887e01d65f2d6048473d2fce
- SSDEEP
  
  3072:hkNBF21BhrTEC/V9E0htgO1uEThDnPIVLqSo3izNbfn32:eolAOgENncp2iZf32
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy