General

  • Target

    3481705c04267f0a0dce285beb4b3e3d_JaffaCakes118

  • Size

    187KB

  • Sample

    240710-nfqfcaxajg

  • MD5

    3481705c04267f0a0dce285beb4b3e3d

  • SHA1

    df5c4c5743f17c82f184956ec753a8fb905321de

  • SHA256

    c1d96230e7663b4f5dbc3b36ddbdd6fa4316b159e2ce12d6cbdcf8a9df1ea999

  • SHA512

    3d7b07d1b15b2cf3aec5e6f7fe32b4757baf5918fb493aea026d51977d80094ca656d75ecc2d28a29d1149fb31f2432d9ffdf37cb5b6ada017f71a4b0caff75d

  • SSDEEP

    3072:YptxZGwEu/fCqEk2I5UWMEseqNKipCZ+s8lAWvBlSAW4GsdW/00s6r2:qHEu/M+5MEsHKipCWhWqGsdGn2

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks