xtremerat | 13dc98528c16aa8e09ad30d7a2290055958b591e676a30f1581a4f9f9c617e2d | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...fa.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_adf194c16dffe2bb961a607324ebebfa
Size

304KB
Sample

250411-mavx7swpz5
MD5

adf194c16dffe2bb961a607324ebebfa
SHA1

bf03d4140d0f8d57e53dfd12b113092d87cd400b
SHA256

13dc98528c16aa8e09ad30d7a2290055958b591e676a30f1581a4f9f9c617e2d
SHA512

9220be890d0f15c244f1434fe359eb119950da8d7983da4c0846786edd09f7e23c184e86111bdbf77c82d93b8c37b3abeed053bca767efd46772360353c0d390
SSDEEP

3072:KBh0HNt/Yx5Ce6y6BOykct57s6nWqB3srCIHRx7EAQ6tQgOjDY/tJm8zl4mEXrkV:KP

Score

10^/10

xtremerat discovery persistence rat spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_adf194c16dffe2bb961a607324ebebfa.exe

Resource

win10v2004-20250410-en

xtremerat discovery persistence rat spyware

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

vpndodo.sytes.net

Targets

- Target
  
  JaffaCakes118_adf194c16dffe2bb961a607324ebebfa
- Size
  
  304KB
- MD5
  
  adf194c16dffe2bb961a607324ebebfa
- SHA1
  
  bf03d4140d0f8d57e53dfd12b113092d87cd400b
- SHA256
  
  13dc98528c16aa8e09ad30d7a2290055958b591e676a30f1581a4f9f9c617e2d
- SHA512
  
  9220be890d0f15c244f1434fe359eb119950da8d7983da4c0846786edd09f7e23c184e86111bdbf77c82d93b8c37b3abeed053bca767efd46772360353c0d390
- SSDEEP
  
  3072:KBh0HNt/Yx5Ce6y6BOykct57s6nWqB3srCIHRx7EAQ6tQgOjDY/tJm8zl4mEXrkV:KP
Score

10^/10

xtremerat discovery persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
- Xtremerat family
  xtremerat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xtremeratdiscoverypersistenceratspyware

© 2018-2025

Terms | Privacy