General
-
Target
40b6f13bed6b09c146417e8753d79bd9_JaffaCakes118
-
Size
40KB
-
Sample
240713-h61q4stejf
-
MD5
40b6f13bed6b09c146417e8753d79bd9
-
SHA1
c0559e5ad553acb98f45f39e7fb2805e0aa13e14
-
SHA256
264f08b329d4410271eff83db3198f7f42cc1fb7996878ebc2dea102d1b6f8e8
-
SHA512
798703737ae7450b57651b31e5c06cfe757c1f37338dfdb02fd9e21d89660ef93dc8f303290913c0b1a07417ba6b89b09505ec6cad9af0a881fa8eeeb1af96aa
-
SSDEEP
768:jjups9Xmn9VyMltWqPsJQYCOGpVTY6gAmi/GYkNCK0mJGPJxMLoIi:IiWnWjqP0QYzGp7ghCkd0mJV
Static task
static1
Behavioral task
behavioral1
Sample
40b6f13bed6b09c146417e8753d79bd9_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
40b6f13bed6b09c146417e8753d79bd9_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
www.youtube.com
lifehelp.sytes.net
Targets
-
-
Target
40b6f13bed6b09c146417e8753d79bd9_JaffaCakes118
-
Size
40KB
-
MD5
40b6f13bed6b09c146417e8753d79bd9
-
SHA1
c0559e5ad553acb98f45f39e7fb2805e0aa13e14
-
SHA256
264f08b329d4410271eff83db3198f7f42cc1fb7996878ebc2dea102d1b6f8e8
-
SHA512
798703737ae7450b57651b31e5c06cfe757c1f37338dfdb02fd9e21d89660ef93dc8f303290913c0b1a07417ba6b89b09505ec6cad9af0a881fa8eeeb1af96aa
-
SSDEEP
768:jjups9Xmn9VyMltWqPsJQYCOGpVTY6gAmi/GYkNCK0mJGPJxMLoIi:IiWnWjqP0QYzGp7ghCkd0mJV
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Blocklisted process makes network request
-