General

  • Target

    3a932f8a8f43b84143dc0ac039c82839_JaffaCakes118

  • Size

    40KB

  • Sample

    240711-y28txsscqq

  • MD5

    3a932f8a8f43b84143dc0ac039c82839

  • SHA1

    92da96271d3433c87584b90fc54b079254d236b5

  • SHA256

    e83243f92f5509a1fa420a9162928afa77440f57d2886390866efce01b42cf81

  • SHA512

    87ca1b4d50e6c37a49759be063b3fbcd7b75643623d39da2e4faee935dae2e127a7c2cbe0a62d82ba3b6775ea527543406a7525a2c8c091bfc768b94e412095a

  • SSDEEP

    768:sE9hghdN12Ozhiow2Gkm6+c3/pBzNBwIldizoxJ:su+zMOlw2GkmS3/BldOoxJ

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks