General
-
Target
3402d3b169ade14b1978abb04a7a0e98_JaffaCakes118
-
Size
1.1MB
-
Sample
240511-l1d7psef33
-
MD5
3402d3b169ade14b1978abb04a7a0e98
-
SHA1
f779739c1a425aa0339d58bf38974ecea25780e9
-
SHA256
b6010f505986b64dcbb7a4ba47920d536d82e9561038a10372ea7552e416a4e6
-
SHA512
4e6e89ba81f2813e97de4cba2e954b0b1f010d4c42a2f32faec5e1548d3166d463d0bdc5a06f764d67a532ff371d3eae5da0a263c19ff00ee629d3d367740558
-
SSDEEP
24576:9RmJkcoQricOIQxiZY1WN2LVjx1oltb8kMVnjI6:yJZoQrbTFZY1WN2LVx1atSBt
Static task
static1
Behavioral task
behavioral1
Sample
3402d3b169ade14b1978abb04a7a0e98_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
3402d3b169ade14b1978abb04a7a0e98_JaffaCakes118
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-