General
-
Target
592bab2c3b5d94a2f3a4f95e597abe84_JaffaCakes118
-
Size
223KB
-
Sample
240718-1gvgxaxepj
-
MD5
592bab2c3b5d94a2f3a4f95e597abe84
-
SHA1
16a9bc0f7e98a3e9585236340a3eebebaefd2174
-
SHA256
73227ac9a9dd1cf1693ffc726c7102ad7fd2e9c74973459c2d67ae945684f2ee
-
SHA512
ec5536c95353343a1656819c4d6d1dc4049491bfe3bd2a86d3f07d6cdded364876344268a7e1701939e322abc0e527ec971792995e2738e273e9e13a0557fa21
-
SSDEEP
3072:+mZlKlEzDq60vSgHbem3myQ8E09JVFyqTGbN5QvuS6nqx3s5/nTZxPcSCAppuBZn:+1bTbykdfYbyPqFC44X
Static task
static1
Behavioral task
behavioral1
Sample
592bab2c3b5d94a2f3a4f95e597abe84_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
592bab2c3b5d94a2f3a4f95e597abe84_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
592bab2c3b5d94a2f3a4f95e597abe84_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-