General
-
Target
350b7a0aefab681a55b6d28c8f661fed_JaffaCakes118
-
Size
31KB
-
Sample
240710-rfdy4avbpe
-
MD5
350b7a0aefab681a55b6d28c8f661fed
-
SHA1
4b5024e292f6b62d0d26a49bd2176502f6a0611f
-
SHA256
c2c4e299c4dc7aef5bbb4385b81eb5bc1062b1f6ea12ff929e983b29f0b61212
-
SHA512
724eea617f0218ed6a44b6d5f01dfc7649f84bbc6ac9972f3ab7af3731d0155b088a700d3aeb1459573caa9610c98c800c2079a5ff6770738667369072a709b8
-
SSDEEP
768:rsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jftid:QNW70x6ALBwatW
Behavioral task
behavioral1
Sample
350b7a0aefab681a55b6d28c8f661fed_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
350b7a0aefab681a55b6d28c8f661fed_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
ayarbaban.no-ip.biz
Targets
-
-
Target
350b7a0aefab681a55b6d28c8f661fed_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-