Analysis
max time kernel: 119s
max time network: 121s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 11-07-2024 15:25
Behavioral task: behavioral1
Sample: 39afd06c4516e24f4451b743241bb034_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 39afd06c4516e24f4451b743241bb034_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 39afd06c4516e24f4451b743241bb034_JaffaCakes118.exe
Size: 44KB
MD5: 39afd06c4516e24f4451b743241bb034
SHA1: a81b6979fe1e69f8189893a4c453910726963880
SHA256: b5bebc966273f2a76ac08e8c8f0316fdc8ca78505285860cd890b75fbc5c6944
SHA512: 5538a8302e5be346451f5e8eb934503ba41a9b34afdd9edf593c710146cdaf47b6c6b291f17188800b4bf194856b55066d29aa4315acd470912071bf54760025
SSDEEP: 768:7Br+tjFqTPkAlfztB1lr6anosmTA/uvm2wfOTwYPIGzoiQ:VyRUHlrL1lr6an0TYuvm2auQaoiQ
Malware Config
Signatures
Detect XtremeRAT payload (1 IoCs)
Processes:
resource: behavioral1/memory/2980-0-0x0000000000C80000-0x0000000000C93000-memory.dmp
yara_rule: family_xtremerat
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.