General

  • Target

    38808ef1e984d00a2ac26b822b553ca2_JaffaCakes118

  • Size

    37KB

  • Sample

    240711-k2565szblk

  • MD5

    38808ef1e984d00a2ac26b822b553ca2

  • SHA1

    081a5205c01d604d521a0739bbb6dac54e52bf60

  • SHA256

    3f3ed2c3cc5cc6a23f09cee7c223ada9b97fa745a81c4a533d1f2597e462c9c9

  • SHA512

    641c29f58a29f068171cf51a273a224849622bae15669e6513dbfe94b30060a15fe0279bf354ed0dae862bff84543118acea399d61bad298ff6dc57d0aa34ae6

  • SSDEEP

    768:TMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lzVxb22I+KFUGr2:oNW71rcYDAWeotvXlhxa2Ipt

Malware Config

Extracted

Family

xtremerat

C2

mamon.zapto.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks