General
-
Target
ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118
-
Size
42KB
-
Sample
240414-zw2dbsgd2w
-
MD5
ef80bfef733b8d4c9a63723aa6b77fa2
-
SHA1
a7191bdd324db258acd13c384243f8ada75d3ef9
-
SHA256
5c8a5800a8772afd57f247e9d940a3944bf84d1c0004bb89e28e8e0095dca898
-
SHA512
6c7ff76347e9af3bce0ade22c2ec1aa1f19536fc008d16401c51dd0ce1c579537773b950d214e9d662c0e5f70528fcc3cf431c78e78112d64d7ad378eac6cbcd
-
SSDEEP
768:CkcQvm1VsbiT858p1F5H9jSZwzjUw90YmT37Dj8E4ukOh:CkcQE6bio58bf9Bzn90rHfR
Static task
static1
Behavioral task
behavioral1
Sample
ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
xtremerat
esam2at.no-ip.biz
Targets
-
-
Target
ef80bfef733b8d4c9a63723aa6b77fa2_JaffaCakes118
-
Size
42KB
-
MD5
ef80bfef733b8d4c9a63723aa6b77fa2
-
SHA1
a7191bdd324db258acd13c384243f8ada75d3ef9
-
SHA256
5c8a5800a8772afd57f247e9d940a3944bf84d1c0004bb89e28e8e0095dca898
-
SHA512
6c7ff76347e9af3bce0ade22c2ec1aa1f19536fc008d16401c51dd0ce1c579537773b950d214e9d662c0e5f70528fcc3cf431c78e78112d64d7ad378eac6cbcd
-
SSDEEP
768:CkcQvm1VsbiT858p1F5H9jSZwzjUw90YmT37Dj8E4ukOh:CkcQE6bio58bf9Bzn90rHfR
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-