General
Target
ff39360d929cf960632b847ab1f0132f_JaffaCakes118
Size
384KB
Sample
240421-n4rcjsba9z
MD5
ff39360d929cf960632b847ab1f0132f
SHA1
53276d8af6896b362da912389b4826e40effa97b
SHA256
a9cc4ca3b78665931129982e8af945672473900a231424fc7baef00b7111a647
SHA512
0151f923935185c0a4dd195a54548fd95dc749f5bcd4144cf561ebdabb730a147854de8dcc2bcdaaf9bdc681ff8f33e0cd92b0c81c0b5854064f265cc8afb5e9
SSDEEP
3072:efKFiKjJqh1DNow0LdEWec9LbYLSvuR4R83v0fEomS:0NovLTec9LbYLSvuR4R8f0fEo
Static task
static1
Behavioral task
behavioral1
Sample
ff39360d929cf960632b847ab1f0132f_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ff39360d929cf960632b847ab1f0132f_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
xtremerat
far3on.zapto.org
Targets
Target
ff39360d929cf960632b847ab1f0132f_JaffaCakes118
Score
10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext