General

  • Target

    5102a8088447651ce156480841fe6c6d_JaffaCakes118

  • Size

    264KB

  • Sample

    240717-cdc7fstejf

  • MD5

    5102a8088447651ce156480841fe6c6d

  • SHA1

    65940bd3d302aa2b1e7e058a099e3c7658f3e5c6

  • SHA256

    9e62c0227b202305178d50bd85d94a259fc72d760c9046d92412e2be92f8282f

  • SHA512

    843a694a10778bb4496366f7d04fd69b0cf9850eb6d72ec80b4bb6d478ba6f45c98dc1dd06afb274bae1df97418f1fdb34ebcaab5b460adda02a506ab625e57a

  • SSDEEP

    1536:2STgfmMeJnADIlxhyiXSRQAKhKZVLMxrP91RFhuA:UfQEIlrXSSAsaVg1RSA

Malware Config

Targets

    • Target

      5102a8088447651ce156480841fe6c6d_JaffaCakes118

    • Size

      264KB

    • MD5

      5102a8088447651ce156480841fe6c6d

    • SHA1

      65940bd3d302aa2b1e7e058a099e3c7658f3e5c6

    • SHA256

      9e62c0227b202305178d50bd85d94a259fc72d760c9046d92412e2be92f8282f

    • SHA512

      843a694a10778bb4496366f7d04fd69b0cf9850eb6d72ec80b4bb6d478ba6f45c98dc1dd06afb274bae1df97418f1fdb34ebcaab5b460adda02a506ab625e57a

    • SSDEEP

      1536:2STgfmMeJnADIlxhyiXSRQAKhKZVLMxrP91RFhuA:UfQEIlrXSSAsaVg1RSA

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks