xtremerat | 1a0cf107cfc08966f78a4704cccb304f60e97096f18391c24460b19f533804d0 | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...a7.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_a1aacaadd709e5e317e5fbf2985216a7
Size

33KB
Sample

250408-1aspqs1rv6
MD5

a1aacaadd709e5e317e5fbf2985216a7
SHA1

6f4fc8445a5b693874d54a92f7517d43ca209a32
SHA256

1a0cf107cfc08966f78a4704cccb304f60e97096f18391c24460b19f533804d0
SHA512

2105caa13b03ca39a884e733780a71e8ce2bec50ba8b0cde1effcc3cbcc36eb120ca651f2a61e87b2c263459629d2a6b56843f1be2661a384220df4d43b92d33
SSDEEP

768:DMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lVZ+57vL7Wi:YNW71rcYDAWeotvXlVZ+57z7W

Score

10^/10

xtremerat discovery persistence rat spyware upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_a1aacaadd709e5e317e5fbf2985216a7.exe

Resource

win10v2004-20250314-en

xtremerat discovery persistence rat spyware upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

komberss.no-ip.biz

Targets

- Target
  
  JaffaCakes118_a1aacaadd709e5e317e5fbf2985216a7
- Size
  
  33KB
- MD5
  
  a1aacaadd709e5e317e5fbf2985216a7
- SHA1
  
  6f4fc8445a5b693874d54a92f7517d43ca209a32
- SHA256
  
  1a0cf107cfc08966f78a4704cccb304f60e97096f18391c24460b19f533804d0
- SHA512
  
  2105caa13b03ca39a884e733780a71e8ce2bec50ba8b0cde1effcc3cbcc36eb120ca651f2a61e87b2c263459629d2a6b56843f1be2661a384220df4d43b92d33
- SSDEEP
  
  768:DMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lVZ+57vL7Wi:YNW71rcYDAWeotvXlVZ+57z7W
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspywareupx

© 2018-2025

Terms | Privacy