xtremerat

General

Target

JaffaCakes118_232e2cf46a9aa90786ecad7a1a160bac
Size

216KB
Sample

250225-3xpbyavny3
MD5

232e2cf46a9aa90786ecad7a1a160bac
SHA1

0353e3de4430892005cd57c670d63137ca7feb2e
SHA256

ee506fffa49d02ac5c0abeeda4c47baecacb14f2da5daae59adc35a384b2e1e0
SHA512

9595ac9a1d0463dbce164f0f3bf2c8b988214d40c358dcea15cebe05ad12a5178dd061d09f5bf9095c900e3b576581769dfb212e9385870247de2151b0a59146
SSDEEP

6144:aOksXgnmBnMmjfvurcSKY0K0efL5cD3Is5P07:aOk74MmCHOej5cD3Is5Ps

Score

10^/10

Malware Config

Extracted

Family

xtremerat

C2

koo.zapto.org

Targets

- Target
  
  JaffaCakes118_232e2cf46a9aa90786ecad7a1a160bac
- Size
  
  216KB
- MD5
  
  232e2cf46a9aa90786ecad7a1a160bac
- SHA1
  
  0353e3de4430892005cd57c670d63137ca7feb2e
- SHA256
  
  ee506fffa49d02ac5c0abeeda4c47baecacb14f2da5daae59adc35a384b2e1e0
- SHA512
  
  9595ac9a1d0463dbce164f0f3bf2c8b988214d40c358dcea15cebe05ad12a5178dd061d09f5bf9095c900e3b576581769dfb212e9385870247de2151b0a59146
- SSDEEP
  
  6144:aOksXgnmBnMmjfvurcSKY0K0efL5cD3Is5P07:aOk74MmCHOej5cD3Is5Ps
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect XtremeRAT payload

Xtremerat family

Suspicious use of SetThreadContext

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2