General
-
Target
5102a8088447651ce156480841fe6c6d_JaffaCakes118
-
Size
264KB
-
Sample
240717-cdc7fstejf
-
MD5
5102a8088447651ce156480841fe6c6d
-
SHA1
65940bd3d302aa2b1e7e058a099e3c7658f3e5c6
-
SHA256
9e62c0227b202305178d50bd85d94a259fc72d760c9046d92412e2be92f8282f
-
SHA512
843a694a10778bb4496366f7d04fd69b0cf9850eb6d72ec80b4bb6d478ba6f45c98dc1dd06afb274bae1df97418f1fdb34ebcaab5b460adda02a506ab625e57a
-
SSDEEP
1536:2STgfmMeJnADIlxhyiXSRQAKhKZVLMxrP91RFhuA:UfQEIlrXSSAsaVg1RSA
Static task
static1
Behavioral task
behavioral1
Sample
5102a8088447651ce156480841fe6c6d_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5102a8088447651ce156480841fe6c6d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
5102a8088447651ce156480841fe6c6d_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-