Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11-07-2024 15:25

General

  • Target

    39afd06c4516e24f4451b743241bb034_JaffaCakes118.exe

  • Size

    44KB

  • MD5

    39afd06c4516e24f4451b743241bb034

  • SHA1

    a81b6979fe1e69f8189893a4c453910726963880

  • SHA256

    b5bebc966273f2a76ac08e8c8f0316fdc8ca78505285860cd890b75fbc5c6944

  • SHA512

    5538a8302e5be346451f5e8eb934503ba41a9b34afdd9edf593c710146cdaf47b6c6b291f17188800b4bf194856b55066d29aa4315acd470912071bf54760025

  • SSDEEP

    768:7Br+tjFqTPkAlfztB1lr6anosmTA/uvm2wfOTwYPIGzoiQ:VyRUHlrL1lr6an0TYuvm2auQaoiQ

Malware Config

Signatures

  • Detect XtremeRAT payload 1 IoCs
  • XtremeRAT

    The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

Processes

  • C:\Users\Admin\AppData\Local\Temp\39afd06c4516e24f4451b743241bb034_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\39afd06c4516e24f4451b743241bb034_JaffaCakes118.exe"
    1⤵
      PID:2980

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2980-0-0x0000000000C80000-0x0000000000C93000-memory.dmp

      Filesize

      76KB