xtremerat | 52ab98caf46cf98da6489158463930fa3af458676b2e9f5a78d50a1fca227a96 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...0a.exe

windows7-x64

JaffaCakes...0a.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_1a2271f8b82507cf1d5b9339f566140a
Size

428KB
Sample

250222-rdh52ayken
MD5

1a2271f8b82507cf1d5b9339f566140a
SHA1

9b03f1c1f5728414bc1728e6edf23953a37987c2
SHA256

52ab98caf46cf98da6489158463930fa3af458676b2e9f5a78d50a1fca227a96
SHA512

878f358931b5a402948184fb61f8df6517f080f041a17d6900864afcece37d1291c2190786d8f69020a24982419775889cee8bde15ce219edd9f5a1d41b92c26
SSDEEP

6144:nb/tnko8JhQL5E6/moaJ9MUsdiJ9MUsdR:nZn8TQq9oudq

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_1a2271f8b82507cf1d5b9339f566140a.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_1a2271f8b82507cf1d5b9339f566140a.exe

Resource

win10v2004-20250217-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

osamab7bk.no-ip.biz

Targets

- Target
  
  JaffaCakes118_1a2271f8b82507cf1d5b9339f566140a
- Size
  
  428KB
- MD5
  
  1a2271f8b82507cf1d5b9339f566140a
- SHA1
  
  9b03f1c1f5728414bc1728e6edf23953a37987c2
- SHA256
  
  52ab98caf46cf98da6489158463930fa3af458676b2e9f5a78d50a1fca227a96
- SHA512
  
  878f358931b5a402948184fb61f8df6517f080f041a17d6900864afcece37d1291c2190786d8f69020a24982419775889cee8bde15ce219edd9f5a1d41b92c26
- SSDEEP
  
  6144:nb/tnko8JhQL5E6/moaJ9MUsdiJ9MUsdR:nZn8TQq9oudq
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy