General

  • Target

    592bab2c3b5d94a2f3a4f95e597abe84_JaffaCakes118

  • Size

    223KB

  • Sample

    240718-1gvgxaxepj

  • MD5

    592bab2c3b5d94a2f3a4f95e597abe84

  • SHA1

    16a9bc0f7e98a3e9585236340a3eebebaefd2174

  • SHA256

    73227ac9a9dd1cf1693ffc726c7102ad7fd2e9c74973459c2d67ae945684f2ee

  • SHA512

    ec5536c95353343a1656819c4d6d1dc4049491bfe3bd2a86d3f07d6cdded364876344268a7e1701939e322abc0e527ec971792995e2738e273e9e13a0557fa21

  • SSDEEP

    3072:+mZlKlEzDq60vSgHbem3myQ8E09JVFyqTGbN5QvuS6nqx3s5/nTZxPcSCAppuBZn:+1bTbykdfYbyPqFC44X

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks