General
-
Target
4eee159abe15465cbfda76691299210f_JaffaCakes118
-
Size
212KB
-
Sample
240716-svhq9ssakf
-
MD5
4eee159abe15465cbfda76691299210f
-
SHA1
c87819e76e5f2a8a6138f52eb0b3b0bc9b26f5ab
-
SHA256
e0d466aaa7404635283ce504bcd5dbe14ad8b54b64e4afe5d77e77d36a585e7d
-
SHA512
71495cb3bf9fd7850ff1c130ab18e44792b915d9ae1ce1b922d605476c516ae718ee3342a7fc8d757cc3839e4089844934e4cdf7245f9ad370c5dff431fd363a
-
SSDEEP
6144:r4LCTBhKRzq3zUh7Hun1IPTengGZ/kWjX:r4OTKlh7HKETqgKMWjX
Static task
static1
Behavioral task
behavioral1
Sample
4eee159abe15465cbfda76691299210f_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4eee159abe15465cbfda76691299210f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
4eee159abe15465cbfda76691299210f_JaffaCakes118
-
Size
212KB
-
MD5
4eee159abe15465cbfda76691299210f
-
SHA1
c87819e76e5f2a8a6138f52eb0b3b0bc9b26f5ab
-
SHA256
e0d466aaa7404635283ce504bcd5dbe14ad8b54b64e4afe5d77e77d36a585e7d
-
SHA512
71495cb3bf9fd7850ff1c130ab18e44792b915d9ae1ce1b922d605476c516ae718ee3342a7fc8d757cc3839e4089844934e4cdf7245f9ad370c5dff431fd363a
-
SSDEEP
6144:r4LCTBhKRzq3zUh7Hun1IPTengGZ/kWjX:r4OTKlh7HKETqgKMWjX
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-