General
Target: 52ffa72dedadf8d109586d5a33dcee95_JaffaCakes118
Size: 417KB
Sample: 240717-pr24ystfjc
MD5: 52ffa72dedadf8d109586d5a33dcee95
SHA1: c250a38327c0d817400a1bf628fb5244d6347ec2
SHA256: 8f779782329b8f2bfecb72532b70a3f6bc196d3e5cb096ac3790e9d3ec9921aa
SHA512: 73af24392b594dc2f286bcdf82eb14b749a68d509ed75445ff4502afbfe96401fea9bab2a2f1f712c7663534e2423ff71415bd5266748a2d7e0b135b0cbdcf77
SSDEEP: 12288:x57qSYh+Tu1lxHxCgpcAnirLS9Mm5W2aZ:n7jYhcExN0i9Msc
Static task: static1
Behavioral task: behavioral1
Sample: 52ffa72dedadf8d109586d5a33dcee95_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 52ffa72dedadf8d109586d5a33dcee95_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 52ffa72dedadf8d109586d5a33dcee95_JaffaCakes118
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext