General
-
Target
3f34af7044c3fec1c9b0f19aefd912b0_JaffaCakes118
-
Size
463KB
-
Sample
240712-2wpqmsthkr
-
MD5
3f34af7044c3fec1c9b0f19aefd912b0
-
SHA1
d063bb4ee09427650964630baf5310970dce6558
-
SHA256
21aecb10b3c00e889d5ec02599453693f58202c05d474e79b180c73eee7aa4cd
-
SHA512
17b52bf3eded19480f05380db1ab42b1c95f2124cc46ec8d36407044dc2d128ead0508cac0d5b5343117674e27826570a71861630d896fbce7f326d9c3746814
-
SSDEEP
12288:eElAsBY7tsSu4w/5cLZqEzTIm4Xw+ulHH0:eOGps445cLZxIHXwl0
Static task
static1
Behavioral task
behavioral1
Sample
3f34af7044c3fec1c9b0f19aefd912b0_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3f34af7044c3fec1c9b0f19aefd912b0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
3f34af7044c3fec1c9b0f19aefd912b0_JaffaCakes118
-
Size
463KB
-
MD5
3f34af7044c3fec1c9b0f19aefd912b0
-
SHA1
d063bb4ee09427650964630baf5310970dce6558
-
SHA256
21aecb10b3c00e889d5ec02599453693f58202c05d474e79b180c73eee7aa4cd
-
SHA512
17b52bf3eded19480f05380db1ab42b1c95f2124cc46ec8d36407044dc2d128ead0508cac0d5b5343117674e27826570a71861630d896fbce7f326d9c3746814
-
SSDEEP
12288:eElAsBY7tsSu4w/5cLZqEzTIm4Xw+ulHH0:eOGps445cLZxIHXwl0
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-