General

  • Target

    3eb70e8810bb6e3a2e73191f013c0324_JaffaCakes118

  • Size

    362KB

  • Sample

    240712-yxdszs1apd

  • MD5

    3eb70e8810bb6e3a2e73191f013c0324

  • SHA1

    5edd67328a5ce341d99d22b1ff1fdca74e1f3a16

  • SHA256

    81f4d88a7fd8d0cb642ea142b07d41edc756f6fdc3a61515186e213e080d1d65

  • SHA512

    3a9c4b56c274163a3134bb5abf438cdebc50037af97bba7f174e673689c63b778a144f98c9d6785b047705e3252b632b1df6e73d044a4f16c3ca3cc9b49731a7

  • SSDEEP

    6144:eKoS4DZ3A+E0I8IQB2vI1CDitFuZtzzk7fPxSnyVNck/iPJgsROBevh+1HNX467L:PoS493ACIl7vI1kiqHNnyVek/a4QmHNF

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks