Overview

overview

10

Static

static

3

e65e147908...18.exe

windows7-x64

10

e65e147908...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e65e1479089507fa9c516917aaec404e_JaffaCakes118

  • Size

    90KB

  • Sample

    240408-cc8a7sde46

  • MD5

    e65e1479089507fa9c516917aaec404e

  • SHA1

    93e4528e4ad444aecf201e1c35e94b564db694f2

  • SHA256

    3244f27a6e152bd71d15d538045d8bd086c681098e8aedd01e93a4f7d7fc636d

  • SHA512

    0c07426ad9ebcbeee547dd143ba11275c722389a9ba1b4acf4197db9f9d85e64fa16eca63796e2d18f1acef9269497476988071ff003e7fefe25b124e5395e0d

  • SSDEEP

    1536:cHBNAohbsr3EFVKECcWLE41fJwyYoP5Kt8AvBVmXTWvka3/VOOqFe:obhbA3EfCcyXUXmoka3/sI

Score
10/10
xtremeratpersistenceratspyware

Malware Config

Targets

    • Target

      e65e1479089507fa9c516917aaec404e_JaffaCakes118

    • Size

      90KB

    • MD5

      e65e1479089507fa9c516917aaec404e

    • SHA1

      93e4528e4ad444aecf201e1c35e94b564db694f2

    • SHA256

      3244f27a6e152bd71d15d538045d8bd086c681098e8aedd01e93a4f7d7fc636d

    • SHA512

      0c07426ad9ebcbeee547dd143ba11275c722389a9ba1b4acf4197db9f9d85e64fa16eca63796e2d18f1acef9269497476988071ff003e7fefe25b124e5395e0d

    • SSDEEP

      1536:cHBNAohbsr3EFVKECcWLE41fJwyYoP5Kt8AvBVmXTWvka3/VOOqFe:obhbA3EfCcyXUXmoka3/sI

    Score
    10/10
    xtremeratpersistenceratspyware

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

      persistencespywareratxtremerat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks