General
-
Target
efaf9583f501557601f7acc59d1a7d32_JaffaCakes118
-
Size
62KB
-
Sample
240414-2nx22sfg83
-
MD5
efaf9583f501557601f7acc59d1a7d32
-
SHA1
462da960c5f411ff2002cc2d68b9876ed0358b29
-
SHA256
f7e19d70e0f46d87c813bd371e752261436437d721dc9a99fb81c39420621c8d
-
SHA512
523de41e53d09448bdaf5a108de13269b00c79485fbcb449c4d265a8124c9b735fa13e4e972020385d291ede43f76a3d5845719462fe1312dee1b42da5d67526
-
SSDEEP
1536:hNW71rcYDAWeotvXliBghB29g4p9GDRlzch9QBUiAESG6m:hNW7dEvotvXmgj264zaQQB
Behavioral task
behavioral1
Sample
efaf9583f501557601f7acc59d1a7d32_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
efaf9583f501557601f7acc59d1a7d32_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
xtremerat
klawchi.no-ip.org
Targets
-
Target
efaf9583f501557601f7acc59d1a7d32_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-