General
-
Target
1acac9d8a58b41988c26f63917761333_JaffaCakes118
-
Size
44KB
-
Sample
240701-lk2ytsxdrj
-
MD5
1acac9d8a58b41988c26f63917761333
-
SHA1
bb24757003acf5ed22c400939e153cb07035f65c
-
SHA256
414842da2fff2d3e9f794a5805e9399ba9a9d4a6b14eea762ab88977e2500a65
-
SHA512
4750a715cc4bb24bbb9e48fa6c25c1c4d88c9b2fba107153e7ab19c462f4e6ce7b8208a2de2b071a5aa82b9957c8879d544a12f09124faf147ae24a4998c68c3
-
SSDEEP
768:LBr+tjdqTPkAlNztB1or6an3smTA8uvm2jfOTwYPI9zo6:lyR8HlFL1or6an3TLuvm27uQdo6
Malware Config
Extracted
xtremerat
fmicrosoft2012.no-ip.biz
Targets
-
-
Target
1acac9d8a58b41988c26f63917761333_JaffaCakes118
-
Size
44KB
-
MD5
1acac9d8a58b41988c26f63917761333
-
SHA1
bb24757003acf5ed22c400939e153cb07035f65c
-
SHA256
414842da2fff2d3e9f794a5805e9399ba9a9d4a6b14eea762ab88977e2500a65
-
SHA512
4750a715cc4bb24bbb9e48fa6c25c1c4d88c9b2fba107153e7ab19c462f4e6ce7b8208a2de2b071a5aa82b9957c8879d544a12f09124faf147ae24a4998c68c3
-
SSDEEP
768:LBr+tjdqTPkAlNztB1or6an3smTA8uvm2jfOTwYPI9zo6:lyR8HlFL1or6an3TLuvm27uQdo6
Score10/10-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-