xtremerat | 138607817f48bd18b5b512d8eb9f53b6984f6c88f9287ce60612aacde2a8d332 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...a3.exe

windows7-x64

JaffaCakes...a3.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_250368901067ead28d96afb92bf7efa3
Size

64KB
Sample

250124-yw4m1swmcw
MD5

250368901067ead28d96afb92bf7efa3
SHA1

3457dae67baf52b8797c4524749c93ae30db7d2b
SHA256

138607817f48bd18b5b512d8eb9f53b6984f6c88f9287ce60612aacde2a8d332
SHA512

a4fafc3527b9209feb29cb268e168ccef39f094f638497fccaf7dde47a66423ea647cbbf685800a11c18a8da3764e9231b08adc6712d18467d16ce1d09b8081e
SSDEEP

1536:g13FL1blWvOXpYRl5oy1on9/Zf2uDuL1QZ:S1L1blWvapYRHfu9B9i

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_250368901067ead28d96afb92bf7efa3.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_250368901067ead28d96afb92bf7efa3.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_250368901067ead28d96afb92bf7efa3
- Size
  
  64KB
- MD5
  
  250368901067ead28d96afb92bf7efa3
- SHA1
  
  3457dae67baf52b8797c4524749c93ae30db7d2b
- SHA256
  
  138607817f48bd18b5b512d8eb9f53b6984f6c88f9287ce60612aacde2a8d332
- SHA512
  
  a4fafc3527b9209feb29cb268e168ccef39f094f638497fccaf7dde47a66423ea647cbbf685800a11c18a8da3764e9231b08adc6712d18467d16ce1d09b8081e
- SSDEEP
  
  1536:g13FL1blWvOXpYRl5oy1on9/Zf2uDuL1QZ:S1L1blWvapYRHfu9B9i
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy