General
Target: 3481705c04267f0a0dce285beb4b3e3d_JaffaCakes118
Size: 187KB
Sample: 240710-nfqfcaxajg
MD5: 3481705c04267f0a0dce285beb4b3e3d
SHA1: df5c4c5743f17c82f184956ec753a8fb905321de
SHA256: c1d96230e7663b4f5dbc3b36ddbdd6fa4316b159e2ce12d6cbdcf8a9df1ea999
SHA512: 3d7b07d1b15b2cf3aec5e6f7fe32b4757baf5918fb493aea026d51977d80094ca656d75ecc2d28a29d1149fb31f2432d9ffdf37cb5b6ada017f71a4b0caff75d
SSDEEP: 3072:YptxZGwEu/fCqEk2I5UWMEseqNKipCZ+s8lAWvBlSAW4GsdW/00s6r2:qHEu/M+5MEsHKipCWhWqGsdGn2
Static task: static1
Behavioral task: behavioral1
Sample: 3481705c04267f0a0dce285beb4b3e3d_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3481705c04267f0a0dce285beb4b3e3d_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Targets
Target: 3481705c04267f0a0dce285beb4b3e3d_JaffaCakes118
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext