General
-
Target
53010dec1ce67a060ff0ebb1e9118c97_JaffaCakes118
-
Size
74KB
-
Sample
240717-psz1zs1cnm
-
MD5
53010dec1ce67a060ff0ebb1e9118c97
-
SHA1
8afe429789dd91b0157a9d963db0466808a22c1e
-
SHA256
ae25a37508e3e5d60f169d4877ed25c4c533a497b2cc1d1f548159681bc31939
-
SHA512
60b4f73f9a3154299155f405c6cc32356da99c7cab54499d3193504cf24801af5ae05ed9728caf706ad14b6ed7d44bed932c249f2f2f01c4290f578557e30b5e
-
SSDEEP
1536:gCp7yIrFOg5egWPtWqdVZvClhqE0UX+xkXJ6HsdCqp:PjFOdgWUqdjGYE01xnoZ
Static task
static1
Behavioral task
behavioral1
Sample
53010dec1ce67a060ff0ebb1e9118c97_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
53010dec1ce67a060ff0ebb1e9118c97_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
53010dec1ce67a060ff0ebb1e9118c97_JaffaCakes118
-
Size
74KB
-
MD5
53010dec1ce67a060ff0ebb1e9118c97
-
SHA1
8afe429789dd91b0157a9d963db0466808a22c1e
-
SHA256
ae25a37508e3e5d60f169d4877ed25c4c533a497b2cc1d1f548159681bc31939
-
SHA512
60b4f73f9a3154299155f405c6cc32356da99c7cab54499d3193504cf24801af5ae05ed9728caf706ad14b6ed7d44bed932c249f2f2f01c4290f578557e30b5e
-
SSDEEP
1536:gCp7yIrFOg5egWPtWqdVZvClhqE0UX+xkXJ6HsdCqp:PjFOdgWUqdjGYE01xnoZ
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-