xtremerat | ba03144a100fddeaf015ba5fc2a2c789d02c3278cfd8271da36f61fcfe599878 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...66.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_ab9eee0bf8554b0e801987294a816266
Size

75KB
Sample

250410-z3676asl16
MD5

ab9eee0bf8554b0e801987294a816266
SHA1

ab98b4dd9d68280946f8a284270fbbd2de8d0b14
SHA256

ba03144a100fddeaf015ba5fc2a2c789d02c3278cfd8271da36f61fcfe599878
SHA512

d23b8f29a3931f39dabae8bda61485e9889f5b298c37748c219b4e369e61af284a6b65ff5131cd58659638e7ed49a884b92d6673c482548c1788e2c321165361
SSDEEP

1536:vAatFyviqgsDz4IJFE6OyiBgOaajWIrxTitke8mjWflCl96ug1:4O9qDwGRU0ajW0ve88WfYyuQ

Score

10^/10

xtremerat discovery persistence rat spyware upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_ab9eee0bf8554b0e801987294a816266.exe

Resource

win10v2004-20250314-en

xtremerat discovery persistence rat spyware upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

black100.no-ip.biz

Checkcantstop.no-ip.biz

Targets

- Target
  
  JaffaCakes118_ab9eee0bf8554b0e801987294a816266
- Size
  
  75KB
- MD5
  
  ab9eee0bf8554b0e801987294a816266
- SHA1
  
  ab98b4dd9d68280946f8a284270fbbd2de8d0b14
- SHA256
  
  ba03144a100fddeaf015ba5fc2a2c789d02c3278cfd8271da36f61fcfe599878
- SHA512
  
  d23b8f29a3931f39dabae8bda61485e9889f5b298c37748c219b4e369e61af284a6b65ff5131cd58659638e7ed49a884b92d6673c482548c1788e2c321165361
- SSDEEP
  
  1536:vAatFyviqgsDz4IJFE6OyiBgOaajWIrxTitke8mjWflCl96ug1:4O9qDwGRU0ajW0ve88WfYyuQ
Score

10^/10

xtremerat discovery persistence rat spyware upx
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspywareupx

© 2018-2025

Terms | Privacy