xtremerat | 610868c139f0e41068d0f76e8043d295d6bc07cbc13a0faa5ff688a1952a41c6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

JaffaCakes...ff.exe

windows7-x64

JaffaCakes...ff.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_271d3e7b5221592960fd61628be6c4ff
Size

65KB
Sample

250125-b18q7szqer
MD5

271d3e7b5221592960fd61628be6c4ff
SHA1

f5b5c1e6a89272f7127dbe8a111089ae653d8ead
SHA256

610868c139f0e41068d0f76e8043d295d6bc07cbc13a0faa5ff688a1952a41c6
SHA512

5c92e6c2b1fbc47acc81b43b63fb7198fdce1797d53a8c79e075356e333fa618042e73341b82a78e479682d5c10c7505e37d93706620e204de912e252ff4e957
SSDEEP

768:e8m1Sq4NQErBsH1tzoisBKQI6dObAG/dqOXHsoAx5JXrUqLOY0pYKnA+7PoNwwzF:ssq+QV4rObAdNoAf5UqiYmlArNwYoOyS

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_271d3e7b5221592960fd61628be6c4ff.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_271d3e7b5221592960fd61628be6c4ff.exe

Resource

win10v2004-20241007-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_271d3e7b5221592960fd61628be6c4ff
- Size
  
  65KB
- MD5
  
  271d3e7b5221592960fd61628be6c4ff
- SHA1
  
  f5b5c1e6a89272f7127dbe8a111089ae653d8ead
- SHA256
  
  610868c139f0e41068d0f76e8043d295d6bc07cbc13a0faa5ff688a1952a41c6
- SHA512
  
  5c92e6c2b1fbc47acc81b43b63fb7198fdce1797d53a8c79e075356e333fa618042e73341b82a78e479682d5c10c7505e37d93706620e204de912e252ff4e957
- SSDEEP
  
  768:e8m1Sq4NQErBsH1tzoisBKQI6dObAG/dqOXHsoAx5JXrUqLOY0pYKnA+7PoNwwzF:ssq+QV4rObAdNoAf5UqiYmlArNwYoOyS
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy