xtremerat | 27c6f4cf933a967bc2d50acb5a78b54b6603483cf2e02d7cce26b6ca676bc8ab | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

JaffaCakes...53.exe

windows7-x64

JaffaCakes...53.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_62e200d222fa103d6b94ebd61d40b053
Size

44KB
Sample

250130-pz7z6s1nft
MD5

62e200d222fa103d6b94ebd61d40b053
SHA1

442d7f68d17b8e126080b013a59889a0b1ebfbdd
SHA256

27c6f4cf933a967bc2d50acb5a78b54b6603483cf2e02d7cce26b6ca676bc8ab
SHA512

028a195233e1b9cee4a6a3d3ecefd45fb8a73ff0161c38b83cab1aaf7fa5d45afb7c3bcc340a7a70d6508f6595764229dea36e3544a350721ef8b67f3e5875a4
SSDEEP

768:1Br+tjFUTPkAlfztB1lr6anQ9mTwcuvm2DfOTwYPIVzoF:ryR2HlrL1lr6anPTbuvm2buQFoF

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_62e200d222fa103d6b94ebd61d40b053.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_62e200d222fa103d6b94ebd61d40b053.exe

Resource

win10v2004-20250129-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

kabokaa.zapto.org

Targets

- Target
  
  JaffaCakes118_62e200d222fa103d6b94ebd61d40b053
- Size
  
  44KB
- MD5
  
  62e200d222fa103d6b94ebd61d40b053
- SHA1
  
  442d7f68d17b8e126080b013a59889a0b1ebfbdd
- SHA256
  
  27c6f4cf933a967bc2d50acb5a78b54b6603483cf2e02d7cce26b6ca676bc8ab
- SHA512
  
  028a195233e1b9cee4a6a3d3ecefd45fb8a73ff0161c38b83cab1aaf7fa5d45afb7c3bcc340a7a70d6508f6595764229dea36e3544a350721ef8b67f3e5875a4
- SSDEEP
  
  768:1Br+tjFUTPkAlfztB1lr6anQ9mTwcuvm2DfOTwYPIVzoF:ryR2HlrL1lr6anPTbuvm2buQFoF
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.