General
-
Target
38ad31732411d7687e516cc568cdf109_JaffaCakes118
-
Size
483KB
-
Sample
240711-l37xssthna
-
MD5
38ad31732411d7687e516cc568cdf109
-
SHA1
433eae746eabd5d2d5035bc1737396fe3cf0b562
-
SHA256
982a254f0e3c96b008a2b06e46e9d3f09b1902cdfe5a16e625fbe53c4aa1ba12
-
SHA512
6465d042944e3e345e56ca5cd04387dffbf3f1130cdb7a2f1d1a4c5f42fc0e561766d876f743ac2106287e577ce8234bcbc9c490f05c1109f99229afa0eb53bd
-
SSDEEP
12288:yZKhjuTzjm5EavubYMSDAAJPjQXAE9+IYToBE/o:2wuTzK5FvubL8jbQXAE9+IYeyo
Behavioral task
behavioral1
Sample
38ad31732411d7687e516cc568cdf109_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Extracted
xtremerat
hot-pics.hopto.org
Targets
-
-
Target
38ad31732411d7687e516cc568cdf109_JaffaCakes118
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-