xtremerat | 9f7b8a5da0d7fb8036bd6cf6fb5f808e747e3823c03a592bb133e49bc473924c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

JaffaCakes...d9.exe

windows7-x64

JaffaCakes...d9.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9
Size

2.2MB
Sample

250314-psfbks1sdv
MD5

7443e293e63dc4f63325bf4f381fd6d9
SHA1

b0987f1b6813b040946738896f6960a805b00434
SHA256

9f7b8a5da0d7fb8036bd6cf6fb5f808e747e3823c03a592bb133e49bc473924c
SHA512

af7f0adaffe07d38ddc032cdd2e9f141b1752b4ae274066751c14892dd51fea7b113efa27747730fec054493adcb950fe9848bc15ac71da20e14ce0364bc5311
SSDEEP

49152:UbfwM7Mb+4Nx5J7WrmbMviQRZUEIhFwzItkPo:c4D77Wr+ciFwzItUo

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9.exe

Resource

win7-20240903-en

xtremerat discovery persistence rat spyware

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9.exe

Resource

win10v2004-20250314-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

network923.no-ip.biz

Targets

- Target
  
  JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9
- Size
  
  2.2MB
- MD5
  
  7443e293e63dc4f63325bf4f381fd6d9
- SHA1
  
  b0987f1b6813b040946738896f6960a805b00434
- SHA256
  
  9f7b8a5da0d7fb8036bd6cf6fb5f808e747e3823c03a592bb133e49bc473924c
- SHA512
  
  af7f0adaffe07d38ddc032cdd2e9f141b1752b4ae274066751c14892dd51fea7b113efa27747730fec054493adcb950fe9848bc15ac71da20e14ce0364bc5311
- SSDEEP
  
  49152:UbfwM7Mb+4Nx5J7WrmbMviQRZUEIhFwzItkPo:c4D77Wr+ciFwzItUo
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

behavioral2

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy