General
Target: ed458ac0ebca7757e713df92814ef846_JaffaCakes118
Size: 549KB
Sample: 240411-m5761sab32
MD5: ed458ac0ebca7757e713df92814ef846
SHA1: 069b478548f326d440ef7e9baff327521f4f184b
SHA256: 78a5abed54c6e876ae1e18ffaf1bc2b17d925104043a51fff10e3f80a7cde403
SHA512: e5c2dac6897e1f568ffab20c11ef3151bc1204659dfce228e7ac8d1c3e71b582a678a74df4b0967155e904f5a3a610d342ce93f018a4f7f15bc1d2083941025a
SSDEEP: 1536:KdC8MmkY7Xf9xk7/iY3j0jyTph5KRl28QBCBhSZlsffZxEJC5:KdCYz6H4sQKhMBhSUJxEG
Static task: static1
Behavioral task: behavioral1
Sample: ed458ac0ebca7757e713df92814ef846_JaffaCakes118.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: ed458ac0ebca7757e713df92814ef846_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
xtremerat
katrena1986.no-ip.biz
Targets
Score 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext