General
-
Target
f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118
-
Size
449KB
-
Sample
240415-mvbp3aeh2z
-
MD5
f0dfc3c1267ab4e9694e00b16fdb647d
-
SHA1
44812282bd1228a4b659d300815749a567169572
-
SHA256
f96995899d4bc1ee309064480316a0add0e089e708e2d0c99645f08518eabdd1
-
SHA512
1cc704e9fde7b0f4ac49f190b202ed86c53fad7ee9a61c6e7fae11a8962ade6961a5b653d9c36c239418bd181eed52ba666ca6b87b58b38cf29b885200ae446d
-
SSDEEP
6144:TXQAYzJMEExuJrc/vIU0SSM627FAAVBZLjJoxGq6IE2gXDD02L2jsraaHl/pqlmJ:TXQAaSuJQnIu0AVjFYGq6sd2J7qllVDw
Static task
static1
Behavioral task
behavioral1
Sample
f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f0dfc3c1267ab4e9694e00b16fdb647d_JaffaCakes118
-
Size
449KB
-
MD5
f0dfc3c1267ab4e9694e00b16fdb647d
-
SHA1
44812282bd1228a4b659d300815749a567169572
-
SHA256
f96995899d4bc1ee309064480316a0add0e089e708e2d0c99645f08518eabdd1
-
SHA512
1cc704e9fde7b0f4ac49f190b202ed86c53fad7ee9a61c6e7fae11a8962ade6961a5b653d9c36c239418bd181eed52ba666ca6b87b58b38cf29b885200ae446d
-
SSDEEP
6144:TXQAYzJMEExuJrc/vIU0SSM627FAAVBZLjJoxGq6IE2gXDD02L2jsraaHl/pqlmJ:TXQAaSuJQnIu0AVjFYGq6sd2J7qllVDw
Score10/10-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-