General
-
Target
413ac3800e818b4959ea5f3f8916385f_JaffaCakes118
-
Size
300KB
-
Sample
240713-l494jsydph
-
MD5
413ac3800e818b4959ea5f3f8916385f
-
SHA1
e99ec98a7b286f0e23e2daa5c599cb31653982aa
-
SHA256
5ae8177056a6a129fffdd63059f1021ed75424d2c64f5e22214af3b604532609
-
SHA512
0fe3e83f66584666f2f30795783894a8b9903d26cedbdee9e180dbb9fa8794c84dc3ef9d3ef90c635c2741e4cfe67d9dbe2d0651aeb11472a089091ca1d25f21
-
SSDEEP
3072:LIZn0wUdjzJwKWt+VrqRHgG5FOEYYKvYut1mQbISR3oJWVrqRHgG5FOEYYKvYutY:7ZrqRHuxYK91mQbISRiKrqRHuxYK9Y
Static task
static1
Behavioral task
behavioral1
Sample
413ac3800e818b4959ea5f3f8916385f_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
413ac3800e818b4959ea5f3f8916385f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
413ac3800e818b4959ea5f3f8916385f_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-