General
-
Target
593281dfc205c2a152cbc73945d9281f_JaffaCakes118
-
Size
180KB
-
Sample
240718-1mkjwsxgpp
-
MD5
593281dfc205c2a152cbc73945d9281f
-
SHA1
e84fe725a6e0b7a1ec1c914d4a2124fe9808bde9
-
SHA256
e0e0ea329f92842c2f7a5223ce5e3d5f195af397c126ecac31757ee0ddc53afb
-
SHA512
066924e3e874e444d6d6396a22f8162559133e1aa072e42fcb5fa55a2bbb1fa67ae5a329432dcdbe105ebe1b15988f4948a01685e575c6aead5886583f665c52
-
SSDEEP
3072:DeNcKreCvWbyhreTCF96HM0XUGXU2Fo21364EoiJeeI+StSqYLj8MfseRMGBR3Ra:DeuKSCRhC+pnVW5GJZ2tNYLj8Mfs9GB8
Static task
static1
Behavioral task
behavioral1
Sample
593281dfc205c2a152cbc73945d9281f_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
593281dfc205c2a152cbc73945d9281f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
mnfd.dyndns.info
Targets
-
-
Target
593281dfc205c2a152cbc73945d9281f_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-