General
-
Target
50fdb6f324fd4ab006d8a6955f031873_JaffaCakes118
-
Size
73KB
-
Sample
240717-caqnda1ajp
-
MD5
50fdb6f324fd4ab006d8a6955f031873
-
SHA1
789e595ef3309dd097b1088573372b1bf93d7420
-
SHA256
3dbe997dbe64743e6410fa3365940ba261710e7130806e9793603780b8d383f7
-
SHA512
acd5c5a52d054a500ba5812a74865cfe6324b3f508c8c3ac8701d9410472f1ea2dd14dad1d3e5709bf9e1e1c289443f2cb52798341f6270cf5a05cf4bfa6e2c2
-
SSDEEP
1536:HGFJkVFLP7BZ4OImlKJjQjweI8uY37BZohu2QfTHSyxS:msrP34OIq3q145hxS
Static task
static1
Behavioral task
behavioral1
Sample
50fdb6f324fd4ab006d8a6955f031873_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
50fdb6f324fd4ab006d8a6955f031873_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
Target
50fdb6f324fd4ab006d8a6955f031873_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
-
Suspicious use of SetThreadContext
-