General
-
Target
efa842eaaab203a58905b990cf6355ed_JaffaCakes118
-
Size
384KB
-
Sample
240414-2dq6rafe56
-
MD5
efa842eaaab203a58905b990cf6355ed
-
SHA1
1d806019bc8c344ba7e702c20dbed6a120a216fb
-
SHA256
fb5b66d698b22741a37a184f854a433fcc8100b31fbc36cd3504db8df4a0e32a
-
SHA512
daf3227c75ec65bc11f94bb6931b1f51e1103cf4df60f1a5068401f7f230f905f05358b1c96f24a05d96a5f8557a4c8aa02d8746e3cccf0ecb5269603730fcfc
-
SSDEEP
3072:QI24SkDDRU/bLtDaN4UbqgQKYOZFLvy5n8xzKzJMG+UUXt2n/M+mrjtlJZ9Vi4KC:boiDKEt2n/M+WJ/04KLmqdx
Static task
static1
Behavioral task
behavioral1
Sample
efa842eaaab203a58905b990cf6355ed_JaffaCakes118.exe
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
efa842eaaab203a58905b990cf6355ed_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
efa842eaaab203a58905b990cf6355ed_JaffaCakes118
-
Size
384KB
-
MD5
efa842eaaab203a58905b990cf6355ed
-
SHA1
1d806019bc8c344ba7e702c20dbed6a120a216fb
-
SHA256
fb5b66d698b22741a37a184f854a433fcc8100b31fbc36cd3504db8df4a0e32a
-
SHA512
daf3227c75ec65bc11f94bb6931b1f51e1103cf4df60f1a5068401f7f230f905f05358b1c96f24a05d96a5f8557a4c8aa02d8746e3cccf0ecb5269603730fcfc
-
SSDEEP
3072:QI24SkDDRU/bLtDaN4UbqgQKYOZFLvy5n8xzKzJMG+UUXt2n/M+mrjtlJZ9Vi4KC:boiDKEt2n/M+WJ/04KLmqdx
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-