General
-
Target
3eb70e8810bb6e3a2e73191f013c0324_JaffaCakes118
-
Size
362KB
-
Sample
240712-yxdszs1apd
-
MD5
3eb70e8810bb6e3a2e73191f013c0324
-
SHA1
5edd67328a5ce341d99d22b1ff1fdca74e1f3a16
-
SHA256
81f4d88a7fd8d0cb642ea142b07d41edc756f6fdc3a61515186e213e080d1d65
-
SHA512
3a9c4b56c274163a3134bb5abf438cdebc50037af97bba7f174e673689c63b778a144f98c9d6785b047705e3252b632b1df6e73d044a4f16c3ca3cc9b49731a7
-
SSDEEP
6144:eKoS4DZ3A+E0I8IQB2vI1CDitFuZtzzk7fPxSnyVNck/iPJgsROBevh+1HNX467L:PoS493ACIl7vI1kiqHNnyVek/a4QmHNF
Static task
static1
Behavioral task
behavioral1
Sample
3eb70e8810bb6e3a2e73191f013c0324_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
3eb70e8810bb6e3a2e73191f013c0324_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
3eb70e8810bb6e3a2e73191f013c0324_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-