General
-
Target
e26b5ff8285421e5ac50303db8d96e02_JaffaCakes118
-
Size
19KB
-
Sample
240406-neqpqaha7y
-
MD5
e26b5ff8285421e5ac50303db8d96e02
-
SHA1
4ea6daa88b4171b266826d69609948602804fb89
-
SHA256
4809e8213516ec77f1915bca9e2ea9a48c6faebea3a2fdd82cc7ee28fd9095a5
-
SHA512
7686b11decdd11a98f1bc8e18413d3782bc779459e4acca2befa17337b2fd1810b9d8b9982bf0a7cb5993a4c2acc9f5a081dc64c0566b75477d60c2a28bf9fbc
-
SSDEEP
384:1HKZfuH87GowDqGoMwevqxP6k6zIDwPVBSAYXhQclJpY7Ra:gZfuHUvwDKP6kMpMhZaa
Behavioral task
behavioral1
Sample
e26b5ff8285421e5ac50303db8d96e02_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e26b5ff8285421e5ac50303db8d96e02_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
e26b5ff8285421e5ac50303db8d96e02_JaffaCakes118
-
Size
19KB
-
MD5
e26b5ff8285421e5ac50303db8d96e02
-
SHA1
4ea6daa88b4171b266826d69609948602804fb89
-
SHA256
4809e8213516ec77f1915bca9e2ea9a48c6faebea3a2fdd82cc7ee28fd9095a5
-
SHA512
7686b11decdd11a98f1bc8e18413d3782bc779459e4acca2befa17337b2fd1810b9d8b9982bf0a7cb5993a4c2acc9f5a081dc64c0566b75477d60c2a28bf9fbc
-
SSDEEP
384:1HKZfuH87GowDqGoMwevqxP6k6zIDwPVBSAYXhQclJpY7Ra:gZfuHUvwDKP6kMpMhZaa
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Drops file in System32 directory
-