xtremerat

General

Target

JaffaCakes118_243454c6a2775a2415011b97598ed4d2
Size

105KB
Sample

250124-wz1dna1nd1
MD5

243454c6a2775a2415011b97598ed4d2
SHA1

29659d159499ca93f3c75a640fa9b89cd46fdd7d
SHA256

61e523ca922591d4460fb3c63ec4627583bbd74e2d5b37172ce762347a946ebe
SHA512

05340d150711a8c49fd259f7c0e0a1ee33cacd6839642842e482f0e3fcdcf44eeec66b7b33131ab71e576b5f744dc0fdb64d3bda4e419fb2ceb65350a1a64264
SSDEEP

1536:Ss/psfKLveiUj+UgapkUbl+Wg1liDzssei13OzJbYhXh7dBemgKYHLHl2yODxle2:r/cyelTpkUbQW8yiiFxhEmg9HLH3sxl

Score

10^/10

Malware Config

Extracted

Family

xtremerat

C2

mmsalti.no-ip.org

Targets

- Target
  
  JaffaCakes118_243454c6a2775a2415011b97598ed4d2
- Size
  
  105KB
- MD5
  
  243454c6a2775a2415011b97598ed4d2
- SHA1
  
  29659d159499ca93f3c75a640fa9b89cd46fdd7d
- SHA256
  
  61e523ca922591d4460fb3c63ec4627583bbd74e2d5b37172ce762347a946ebe
- SHA512
  
  05340d150711a8c49fd259f7c0e0a1ee33cacd6839642842e482f0e3fcdcf44eeec66b7b33131ab71e576b5f744dc0fdb64d3bda4e419fb2ceb65350a1a64264
- SSDEEP
  
  1536:Ss/psfKLveiUj+UgapkUbl+Wg1liDzssei13OzJbYhXh7dBemgKYHLHl2yODxle2:r/cyelTpkUbQW8yiiFxhEmg9HLH3sxl
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect XtremeRAT payload

Xtremerat family

Suspicious use of SetThreadContext

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2