xtremerat | e73df65bf7af1a1f7c187dfd31ef9505e8e878a5c1a4a473f927dc33e0658eee | Triage

Submit
Reports

Overview

overview

Static

static

27dd1ede4a...18.exe

windows7-x64

27dd1ede4a...18.exe

windows10-2004-x64

Sharing

General

Target

27dd1ede4a89ae764b84fa764dee090b_JaffaCakes118
Size

91KB
Sample

240706-j5jlwasaqp
MD5

27dd1ede4a89ae764b84fa764dee090b
SHA1

128b73d827ad1f71ffd6df30ae4b70e06c62a8f7
SHA256

e73df65bf7af1a1f7c187dfd31ef9505e8e878a5c1a4a473f927dc33e0658eee
SHA512

d816c790ebe96f172dbde894cd5b93a8201fa27c97b72b1260694b1cc0315713def26c35a1cb303c3ad5331823b940671a548e8e8daa9c553426befe8c9e199a
SSDEEP

1536:ssq+QV4rObAdXWpf/y+7ozNwijAoi2UPhtoAoi2UPhtpoam:p44rj/Wodk3NPD3NP9oP

Score

10^/10

xtremerat persistence rat spyware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

27dd1ede4a89ae764b84fa764dee090b_JaffaCakes118.exe

Resource

win7-20240220-en

xtremerat persistence rat spyware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

27dd1ede4a89ae764b84fa764dee090b_JaffaCakes118.exe

Resource

win10v2004-20240704-en

xtremerat persistence rat spyware

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

xtremerat

C2

jor-hack.no-ip.info

Targets

- Target
  
  27dd1ede4a89ae764b84fa764dee090b_JaffaCakes118
- Size
  
  91KB
- MD5
  
  27dd1ede4a89ae764b84fa764dee090b
- SHA1
  
  128b73d827ad1f71ffd6df30ae4b70e06c62a8f7
- SHA256
  
  e73df65bf7af1a1f7c187dfd31ef9505e8e878a5c1a4a473f927dc33e0658eee
- SHA512
  
  d816c790ebe96f172dbde894cd5b93a8201fa27c97b72b1260694b1cc0315713def26c35a1cb303c3ad5331823b940671a548e8e8daa9c553426befe8c9e199a
- SSDEEP
  
  1536:ssq+QV4rObAdXWpf/y+7ozNwijAoi2UPhtoAoi2UPhtpoam:p44rj/Wodk3NPD3NP9oP
Score

10^/10

xtremerat persistence rat spyware
- Detect XtremeRAT payload
- XtremeRAT
  The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
  persistence spyware rat xtremerat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

xtremeratpersistenceratspyware

behavioral2

xtremeratpersistenceratspyware

© 2018-2024

Terms | Privacy