General

  • Target

    4eee159abe15465cbfda76691299210f_JaffaCakes118

  • Size

    212KB

  • Sample

    240716-svhq9ssakf

  • MD5

    4eee159abe15465cbfda76691299210f

  • SHA1

    c87819e76e5f2a8a6138f52eb0b3b0bc9b26f5ab

  • SHA256

    e0d466aaa7404635283ce504bcd5dbe14ad8b54b64e4afe5d77e77d36a585e7d

  • SHA512

    71495cb3bf9fd7850ff1c130ab18e44792b915d9ae1ce1b922d605476c516ae718ee3342a7fc8d757cc3839e4089844934e4cdf7245f9ad370c5dff431fd363a

  • SSDEEP

    6144:r4LCTBhKRzq3zUh7Hun1IPTengGZ/kWjX:r4OTKlh7HKETqgKMWjX

Malware Config

Targets

    • Target

      4eee159abe15465cbfda76691299210f_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

MITRE ATT&CK Enterprise v15

Tasks