General
-
Target
40cfb98a492bc887ae1e5aed7aa5f184_JaffaCakes118
-
Size
400KB
-
Sample
240713-jpbw4avcka
-
MD5
40cfb98a492bc887ae1e5aed7aa5f184
-
SHA1
2e485de356f958b6bf9eaf7e98ae2d42675fe684
-
SHA256
6847aa8cfb666661614dfb94c7625102891ca228fb138409d88f43db4537872b
-
SHA512
0409c1c39621f729c75f16c31b83bacd5429cf6767f606b44ec013f9a2c200b497a19e530f22f7de47fac3e0813a15ddce56a92d38c78979d5b2b00984b971ad
-
SSDEEP
3072:Y44rj/toaaO5FoxwXWBBZZdXWBBZZJszMoPxW:jSLxLXWBBZZdXWBBZZNoPxW
Behavioral task
behavioral1
Sample
40cfb98a492bc887ae1e5aed7aa5f184_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
40cfb98a492bc887ae1e5aed7aa5f184_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
optionsk.no-ip.biz
Targets
Target
40cfb98a492bc887ae1e5aed7aa5f184_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-