
Threat Group Cards: A Threat Actor Encyclopedia

Tool: XtremeRAT

Names: XtremeRAT, ExtRat
Category: Tools
Type: Backdoor, Keylogger, Info stealer, Exfiltration
Description: A publicly available RAT.

(FireEye) XtremeRAT allows an attacker to:

• Interact with the victim via a remote shell
• Upload/download files
• Interact with the registry
• Manipulate running processes and services
• Capture images of the desktop
• Record from connected devices, such as a webcam or microphone

Moreover, during the build process, the attacker can specify whether to include keylogging and USB infection functions.
Information:
<https://www.fireeye.com/blog/threat-research/2014/02/xtremerat-nuisance-or-threat.html>
<https://community.rsa.com/community/products/netwitness/blog/2017/08/02/malspam-delivers-xtreme-rat-8-1-2017>
<https://www.symantec.com/connect/blogs/colombians-major-target-email-campaigns-delivering-xtreme-rat>
<https://malware.lu/articles/2012/07/22/xtreme-rat-analysis.html>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.extreme_rat>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:xtremerat>

Last change to this tool card: 13 May 2020


All groups using tool XtremeRAT

APT groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | Molerats, Extreme Jackal, Gaza Cybergang | Gaza | 2012-Apr 2021 |
| | Packrat | Latin America | 2008 |

2 groups listed (2 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
