General
-
Target
40dcae8ca7b8fdca2910659c36146277_JaffaCakes118
-
Size
283KB
-
Sample
240713-jzr13ashlr
-
MD5
40dcae8ca7b8fdca2910659c36146277
-
SHA1
11b6800d56d2ce79a918e218d6619b238fe79946
-
SHA256
f91931e87c589998fc0fff289707e040d25ad00c682cb91f164c2e997eaaab07
-
SHA512
ffd3f3b3745b583a91c0a996f64ca56d9ba9b71855771fa404a6d7a0a48e6d93aacf0d6f413a154ec53917ba0492453191385e20a0285d30b114cada37a0ab68
-
SSDEEP
768:QGsdq7QJTlbUP3EwomeRih8jLlLDhKDSGU2+rD7+SLgEHYX:Dsdq7QgP0ZNWb+nYX
Behavioral task
behavioral1
Sample
40dcae8ca7b8fdca2910659c36146277_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
40dcae8ca7b8fdca2910659c36146277_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
fons.no-ip.info
C:\Users\Publfons.no-ip.biz
Targets
-
-
Target
40dcae8ca7b8fdca2910659c36146277_JaffaCakes118
-
Size
283KB
-
MD5
40dcae8ca7b8fdca2910659c36146277
-
SHA1
11b6800d56d2ce79a918e218d6619b238fe79946
-
SHA256
f91931e87c589998fc0fff289707e040d25ad00c682cb91f164c2e997eaaab07
-
SHA512
ffd3f3b3745b583a91c0a996f64ca56d9ba9b71855771fa404a6d7a0a48e6d93aacf0d6f413a154ec53917ba0492453191385e20a0285d30b114cada37a0ab68
-
SSDEEP
768:QGsdq7QJTlbUP3EwomeRih8jLlLDhKDSGU2+rD7+SLgEHYX:Dsdq7QgP0ZNWb+nYX
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-