General
-
Target
52befaaee1ab0236392c06e318249396_JaffaCakes118
-
Size
43KB
-
Sample
240717-nc13ns1ekf
-
MD5
52befaaee1ab0236392c06e318249396
-
SHA1
f04d3c724006b73ac6b8d893cc933b20a922025d
-
SHA256
33093d2d855d53948c6626d0496dccd0a707679a8d5a803ddff7c6433711792f
-
SHA512
9e888f0474886487d8a8de0e4fb5bcb16b0ee4cd995c67b19ed10c34ce42f5ba2e9bfdb2f2078619afee64dec2f68abf9f852f760f5a0ecd2ba75aea17c29625
-
SSDEEP
768:YMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66legLSqTi8BH1b5vwdej:xNW71rcYDAWeotvXlegm38JV5vwdej
Behavioral task
behavioral1
Sample
52befaaee1ab0236392c06e318249396_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
52befaaee1ab0236392c06e318249396_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
gaetano1997.no-ip.org
Targets
-
-
Target
52befaaee1ab0236392c06e318249396_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Drops file in System32 directory
-