General

  • Target

    350b7a0aefab681a55b6d28c8f661fed_JaffaCakes118

  • Size

    31KB

  • Sample

    240710-rfdy4avbpe

  • MD5

    350b7a0aefab681a55b6d28c8f661fed

  • SHA1

    4b5024e292f6b62d0d26a49bd2176502f6a0611f

  • SHA256

    c2c4e299c4dc7aef5bbb4385b81eb5bc1062b1f6ea12ff929e983b29f0b61212

  • SHA512

    724eea617f0218ed6a44b6d5f01dfc7649f84bbc6ac9972f3ab7af3731d0155b088a700d3aeb1459573caa9610c98c800c2079a5ff6770738667369072a709b8

  • SSDEEP

    768:rsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jftid:QNW70x6ALBwatW

Malware Config

Extracted

Family

xtremerat

C2

ayarbaban.no-ip.biz

Targets

    • Target

      350b7a0aefab681a55b6d28c8f661fed_JaffaCakes118


    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.
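Two of the report's findings are easy to re-check locally before trusting a re-analysis: that the file on disk really is the sample described in the General section, and that the "UPX packed file" detection holds. The following Python is an added example written for this page, not Tria.ge/Hatching code or the detection rule itself; the hashes are copied from the report, while the PE bytes it builds are constructed stand-ins (no real sample is embedded). The UPX check goes slightly beyond the rule text: besides the `UPX0`/`UPX1` section names and the `UPX!` loader magic, it applies a layout heuristic (first section with virtual size but zero raw data) that is an assumption about how renamed-section UPX builds look, not something the report states.

```python
"""Triage helpers: verify a file against the report's hashes and look for
UPX packing by walking the PE section table. Added example, not sandbox code."""
import hashlib
import struct

# Hashes copied from the report's General section.
REPORT_HASHES = {
    "md5": "350b7a0aefab681a55b6d28c8f661fed",
    "sha1": "4b5024e292f6b62d0d26a49bd2176502f6a0611f",
    "sha256": "c2c4e299c4dc7aef5bbb4385b81eb5bc1062b1f6ea12ff929e983b29f0b61212",
}


def hash_matches(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Return {algorithm: bool} for every algorithm listed in `expected`."""
    return {algo: hashlib.new(algo, data).hexdigest() == digest.lower()
            for algo, digest in expected.items()}


def pe_sections(data: bytes) -> list:
    """Parse the PE section table into [(name, virtual_size, raw_size)].
    Raises ValueError when the bytes are not a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    n_sections, = struct.unpack_from("<H", data, pe_off + 6)  # COFF NumberOfSections
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)   # SizeOfOptionalHeader
    sec_off = pe_off + 24 + opt_size                          # first IMAGE_SECTION_HEADER
    sections = []
    for i in range(n_sections):
        off = sec_off + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, _vaddr, rsize = struct.unpack_from("<III", data, off + 8)
        sections.append((name, vsize, rsize))
    return sections


def upx_indicators(data: bytes) -> list:
    """Reasons to believe the PE is UPX-packed; an empty list means none fired."""
    reasons = []
    secs = pe_sections(data)
    names = [s[0] for s in secs]
    if any(n.upper().startswith("UPX") for n in names):
        reasons.append("UPX section names: " + ", ".join(names))
    if b"UPX!" in data:
        reasons.append("'UPX!' loader magic present")
    # Heuristic (assumption, not from the report): modified UPX builds often
    # rename sections but keep the layout, an unpacking area with virtual size
    # and zero raw data followed by the section that carries the packed bytes.
    if len(secs) >= 2 and secs[0][2] == 0 and secs[0][1] > 0 and secs[1][2] > 0:
        reasons.append("first section has virtual size but zero raw data")
    return reasons


def build_fake_pe(layout) -> bytes:
    """Constructed minimal PE for demonstration only: DOS header, COFF header,
    an all-zero optional header and the given (name, vsize, rsize) sections."""
    pe_off = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", pe_off)
    opt = b"\0" * 224
    coff = struct.pack("<HHIIIHH", 0x14C, len(layout), 0, 0, 0, len(opt), 0x102)
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0x1000, rsize, 0, 0, 0, 0, 0, 0)
        for name, vsize, rsize in layout)
    return dos + b"PE\0\0" + coff + opt + hdrs


if __name__ == "__main__":
    packed = build_fake_pe([("UPX0", 0x20000, 0), ("UPX1", 0x8000, 0x7000), (".rsrc", 0x1000, 0x400)])
    print("hash check on constructed bytes:", hash_matches(packed))
    print("UPX indicators:", upx_indicators(packed))
```

Run it against the real file by replacing the constructed bytes with `open(path, "rb").read()`; `hash_matches` should then be all `True` for this sample, and `upx_indicators` should at least report the section names if the UPX detection is right. Treat the layout heuristic as a hint to confirm with a real unpacker, not as proof of packing.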

MITRE ATT&CK Enterprise v15

Tasks