General
-
Target
40b107a71805ea594a505660705afcd7_JaffaCakes118
-
Size
33KB
-
Sample
240713-h2zm9atclb
-
MD5
40b107a71805ea594a505660705afcd7
-
SHA1
f9474b6dc786a7c314aa01907c765a6277d65702
-
SHA256
14afcde38e2a17926b086153747e3292e128cc4a49c691e76c5f62f621ebd334
-
SHA512
4ee084877ed570ee531073fa5a60bafd6a66fd779d9be06804a3611afbb4fda835d83b0d42b1306ac46a3bae6cdcb0852de58b37eb32f933e06d7d8b1286f211
-
SSDEEP
768:gMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lLLSPi8S:pNW71rcYDAWeotvXlLLSPn
Behavioral task
behavioral1
Sample
40b107a71805ea594a505660705afcd7_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
40b107a71805ea594a505660705afcd7_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
Gdoit192.no-ip.info
Targets
-
-
Target
40b107a71805ea594a505660705afcd7_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
-