General

  • Target

    53010dec1ce67a060ff0ebb1e9118c97_JaffaCakes118

  • Size

    74KB

  • Sample

    240717-psz1zs1cnm

  • MD5

    53010dec1ce67a060ff0ebb1e9118c97

  • SHA1

    8afe429789dd91b0157a9d963db0466808a22c1e

  • SHA256

    ae25a37508e3e5d60f169d4877ed25c4c533a497b2cc1d1f548159681bc31939

  • SHA512

    60b4f73f9a3154299155f405c6cc32356da99c7cab54499d3193504cf24801af5ae05ed9728caf706ad14b6ed7d44bed932c249f2f2f01c4290f578557e30b5e

  • SSDEEP

    1536:gCp7yIrFOg5egWPtWqdVZvClhqE0UX+xkXJ6HsdCqp:PjFOdgWUqdjGYE01xnoZ

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks