General
Target: 35ae668959c6e65383603977430538b1_JaffaCakes118
Size: 221KB
Sample: 240710-vznt7asgja
MD5: 35ae668959c6e65383603977430538b1
SHA1: 5f1f0ea8272657650dab5738e28c82a503d7dfb0
SHA256: 308ac25b629722963b80d1cd8f652c1df46b8e5e4dceebda330714faf533018a
SHA512: 802da6ba428e17e086bb1c850404d5cc6094b89d5c56413bec225157956d6f6fd8d0eb403b091d2bdf2ffdce3b717229d6d2bb8c0817e976faaf8ac997ad4490
SSDEEP: 3072:AxexkMNY+4n8iVMMS+3Gso2APwDPvZMQ8WEeMPwZ7PimjYlx+F2wz:g6k/+4nNv2vIDWzoSMK0T2wz
Static task: static1
Behavioral task: behavioral1
Sample: 35ae668959c6e65383603977430538b1_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 35ae668959c6e65383603977430538b1_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
xtremerat
lepra.sytes.net
Targets
Target: 35ae668959c6e65383603977430538b1_JaffaCakes118
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext