General
-
Target
fc0109c27551e1bd3a609b8723106bcb_JaffaCakes118
-
Size
200KB
-
Sample
240420-fwfbbaab4w
-
MD5
fc0109c27551e1bd3a609b8723106bcb
-
SHA1
ebecea0e3dd1c339101114cd751c0d58159821f8
-
SHA256
8f6706446efab5361ac60b4c3f930d61ffed2103aebca92e69e1fcd8ebcd70b7
-
SHA512
751098e79af795c904beffe736ee03be166200c53436177d9a9f34edbdeb0611be7e37dde9624138bdf780f5e09dbc30ed8695b1fad10818f3907e1c215c22f3
-
SSDEEP
1536:QwRrfFgB/Dd8DJkWLwkhKCig43y7AqeTStsV86Vxez6UzELGlVJzmSA:QyT+5e1tECi/yEq4/V8oG9V8
Behavioral task
behavioral1
Sample
fc0109c27551e1bd3a609b8723106bcb_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
fc0109c27551e1bd3a609b8723106bcb_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fc0109c27551e1bd3a609b8723106bcb_JaffaCakes118
-
Size
200KB
-
MD5
fc0109c27551e1bd3a609b8723106bcb
-
SHA1
ebecea0e3dd1c339101114cd751c0d58159821f8
-
SHA256
8f6706446efab5361ac60b4c3f930d61ffed2103aebca92e69e1fcd8ebcd70b7
-
SHA512
751098e79af795c904beffe736ee03be166200c53436177d9a9f34edbdeb0611be7e37dde9624138bdf780f5e09dbc30ed8695b1fad10818f3907e1c215c22f3
-
SSDEEP
1536:QwRrfFgB/Dd8DJkWLwkhKCig43y7AqeTStsV86Vxez6UzELGlVJzmSA:QyT+5e1tECi/yEq4/V8oG9V8
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-