General

  • Target

    5945db6bc348890fd501498f01d2d865_JaffaCakes118

  • Size

    33KB

  • Sample

    240718-12v9yayfmn

  • MD5

    5945db6bc348890fd501498f01d2d865

  • SHA1

    92a785cb5a412173d2d3a746c648ebdc4f40d1bf

  • SHA256

    e5e9e977fa22bab01ccd34bcacdc5219c18c6c1b2c91e3ba3429e7e5838b07ed

  • SHA512

    bb84651eb14c2fe8d740bbb801d0b66baec2e7c36a7b72c43eb7b3914265ddb12f9d35eebda79ccc493b1f6db4ebc64b23fdcb00af0474586ef4b6cb5761c512

  • SSDEEP

    768:4MuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66letz7VaZV:RNW71rcYDAWeotvXlkIZ

Malware Config

Extracted

  • Family

    xtremerat

  • C2

    qe3rw.zapto.org

Targets

    • Target

      5945db6bc348890fd501498f01d2d865_JaffaCakes118

    • Size

      33KB

    • MD5

      5945db6bc348890fd501498f01d2d865

    • SHA1

      92a785cb5a412173d2d3a746c648ebdc4f40d1bf

    • SHA256

      e5e9e977fa22bab01ccd34bcacdc5219c18c6c1b2c91e3ba3429e7e5838b07ed

    • SHA512

      bb84651eb14c2fe8d740bbb801d0b66baec2e7c36a7b72c43eb7b3914265ddb12f9d35eebda79ccc493b1f6db4ebc64b23fdcb00af0474586ef4b6cb5761c512

    • SSDEEP

      768:4MuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66letz7VaZV:RNW71rcYDAWeotvXlkIZ

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks