General

Target: ed206e2e5e284a92ca6813afc53bb7b7_JaffaCakes118
Size: 324KB
Sample: 240411-lp5khsgg92
MD5: ed206e2e5e284a92ca6813afc53bb7b7
SHA1: 69fc21143880dfa053ba3f9fd9d4e3829cc25ee4
SHA256: 3fa00b395e829b809cf93d5a3a9c912655c0270e98251cad61692800e8020e0d
SHA512: d3d057174a3d1795eb8bd39626acc796b8aae10a4fc3653e0ca86efada59fa4de5000b4f332bc971d3b81bf7fbe93439d0923451f1505338c6bbc168a0b9656e
SSDEEP: 1536:RF92SYJEnfKFSH+Di+LA427mhJbccAQ3KSKtW8OMkrO91TFhuFGK:RySY6fKFiK1JwQ3tf831TSFG
Static task: static1

Behavioral task: behavioral1
Sample: ed206e2e5e284a92ca6813afc53bb7b7_JaffaCakes118.exe
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: ed206e2e5e284a92ca6813afc53bb7b7_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config

Extracted
Family: xtremerat
C2: far3on.zapto.org
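The extracted configuration gives one network indicator: the C2 hostname far3on.zapto.org, which sits under the No-IP dynamic DNS zone zapto.org. The block below is an added example (not part of the sandbox report) showing how a responder would turn that indicator into a DNS-log sweep: exact and subdomain matches on the C2 host are high-confidence, while any other lookup under the same dynamic DNS zone is surfaced at lower confidence for triage. The log format, the `query=` field and the list of dynamic DNS zones are assumptions; the sample log lines are constructed.

```python
"""Sweep DNS query logs for the XtremeRAT C2 indicator from this report."""
import re
from dataclasses import dataclass
from typing import List, Optional

# Indicator from the report's Malware Config (family: xtremerat).
XTREMERAT_C2 = {"far3on.zapto.org"}

# Free dynamic-DNS zones frequently used for RAT C2 (assumption: tune for your estate).
# A hit here is lower confidence than a C2 match and needs corroboration.
DYNDNS_ZONES = {"zapto.org", "no-ip.org", "hopto.org", "ddns.net", "sytes.net"}

# Assumed log format: one record per line with a "query=<name>" field.
_QUERY_RE = re.compile(r"query=(?P<name>\S+)")


@dataclass
class Hit:
    line_no: int
    name: str
    reason: str  # "c2-exact", "c2-subdomain" or "dyndns-zone"


def normalize(name: str) -> str:
    """Lower-case and strip the trailing dot so FAR3ON.zapto.org. == far3on.zapto.org."""
    return name.rstrip(".").lower()


def classify(name: str) -> Optional[str]:
    """Return the match reason for a queried name, or None if it is not of interest."""
    n = normalize(name)
    if n in XTREMERAT_C2:
        return "c2-exact"
    if any(n.endswith("." + c2) for c2 in XTREMERAT_C2):
        return "c2-subdomain"
    if any(n == z or n.endswith("." + z) for z in DYNDNS_ZONES):
        return "dyndns-zone"
    return None


def scan(lines: List[str]) -> List[Hit]:
    """Run the classifier over every log line that carries a DNS query name."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = _QUERY_RE.search(line)
        if not m:
            continue  # not a DNS query record
        reason = classify(m.group("name"))
        if reason:
            hits.append(Hit(line_no, normalize(m.group("name")), reason))
    return hits


# Constructed sample log: mixed case and trailing dots are deliberate.
SAMPLE_LOG = [
    "2024-04-11T10:02:13Z host=WS01 query=www.microsoft.com. type=A",
    "2024-04-11T10:02:14Z host=WS01 query=FAR3ON.zapto.org. type=A",
    "2024-04-11T10:03:01Z host=WS07 query=update.far3on.zapto.org type=A",
    "2024-04-11T10:05:40Z host=WS09 query=other-host.zapto.org type=A",
    "2024-04-11T10:06:02Z host=WS09 connect dst=203.0.113.5:443",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"line {hit.line_no}: {hit.name} [{hit.reason}]")
```

Matching on the normalized name matters: a log that records the query with a trailing dot or in upper case must still hit, and the subdomain rule catches hosts the operator may add under the same registered name later.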
Targets

Target: ed206e2e5e284a92ca6813afc53bb7b7_JaffaCakes118 (size and hashes as listed under General)
Score: 10/10

- Detect XtremeRAT payload
- XtremeRAT: XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
- Suspicious use of SetThreadContext
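The "Suspicious use of SetThreadContext" signature fires because SetThreadContext on a thread of another process is the step that redirects execution into injected code; on its own the API is also used by debuggers, so the signal is the combination with a cross-process memory write (and, for classic process hollowing, a process created suspended and later resumed). The block below is an added example (not the sandbox's own signature logic) that runs that correlation over a constructed API-call trace: it reports a target process only when a WriteProcessMemory into it precedes SetThreadContext on it, and grades the finding higher when the CREATE_SUSPENDED/ResumeThread bracket is also present. The trace record layout (`pid`, `api`, `args` with `target_pid` and `creation_flags`) is an assumption.

```python
"""Correlate API-trace events into a process-hollowing / thread-hijack finding."""
from dataclasses import dataclass, field
from typing import Dict, List, Set

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit in CreateProcess*

# Assumed trace schema: {"pid": caller, "api": name, "args": {"target_pid": ..., ...}}
CREATE_APIS = {"CreateProcessA", "CreateProcessW", "CreateProcessInternalW"}
UNMAP_APIS = {"NtUnmapViewOfSection", "ZwUnmapViewOfSection"}
WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
CONTEXT_APIS = {"SetThreadContext", "NtSetContextThread", "Wow64SetThreadContext"}
RESUME_APIS = {"ResumeThread", "NtResumeThread"}


@dataclass
class Finding:
    caller_pid: int
    target_pid: int
    stages: Set[str] = field(default_factory=set)

    @property
    def verdict(self) -> str:
        if {"create_suspended", "write", "set_context", "resume"} <= self.stages:
            return "process hollowing"
        return "thread context hijack"


def detect_hollowing(trace: List[dict]) -> List[Finding]:
    """Return one finding per target process that was written to and then had
    a thread context set by a different process.  Same-process SetThreadContext
    calls are ignored: they are common in legitimate exception handling."""
    state: Dict[int, Finding] = {}
    for ev in trace:
        api, args, caller = ev["api"], ev.get("args", {}), ev["pid"]
        target = args.get("target_pid")
        if target is None or target == caller:
            continue
        f = state.setdefault(target, Finding(caller, target))
        if api in CREATE_APIS and args.get("creation_flags", 0) & CREATE_SUSPENDED:
            f.stages.add("create_suspended")
        elif api in UNMAP_APIS:
            f.stages.add("unmap")
        elif api in WRITE_APIS:
            f.stages.add("write")
        elif api in CONTEXT_APIS:
            f.stages.add("set_context_after_write" if "write" in f.stages else "set_context_only")
            f.stages.add("set_context")
        elif api in RESUME_APIS:
            f.stages.add("resume")
    # Only the write-then-SetThreadContext ordering is treated as injection.
    return [f for f in state.values() if "set_context_after_write" in f.stages]


# Constructed trace: pid 3044 hollows a suspended child (4120); pid 2200 behaves
# like a debugger against pid 900 (reads/sets context, never writes memory).
SAMPLE_TRACE = [
    {"pid": 3044, "api": "CreateProcessW", "args": {"target_pid": 4120, "creation_flags": 0x4}},
    {"pid": 3044, "api": "NtUnmapViewOfSection", "args": {"target_pid": 4120}},
    {"pid": 3044, "api": "VirtualAllocEx", "args": {"target_pid": 4120, "size": 0x51000}},
    {"pid": 3044, "api": "WriteProcessMemory", "args": {"target_pid": 4120, "size": 0x51000}},
    {"pid": 3044, "api": "SetThreadContext", "args": {"target_pid": 4120}},
    {"pid": 3044, "api": "ResumeThread", "args": {"target_pid": 4120}},
    {"pid": 2200, "api": "OpenProcess", "args": {"target_pid": 900}},
    {"pid": 2200, "api": "GetThreadContext", "args": {"target_pid": 900}},
    {"pid": 2200, "api": "SetThreadContext", "args": {"target_pid": 900}},
    {"pid": 2200, "api": "SetThreadContext", "args": {"target_pid": 2200}},
]

if __name__ == "__main__":
    for f in detect_hollowing(SAMPLE_TRACE):
        print(f"pid {f.caller_pid} -> pid {f.target_pid}: {f.verdict} {sorted(f.stages)}")
```

The ordering check is what keeps the rule quiet on debuggers and on self-directed context changes; a trace that only shows SetThreadContext against a foreign process, without a preceding write into it, is worth a look but is not by itself evidence of injection.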