General

  • Target

    58282d27df5269568cc80a461fe892a5_JaffaCakes118

  • Size

    62KB

  • Sample

    240718-tvk23azcpf

  • MD5

    58282d27df5269568cc80a461fe892a5

  • SHA1

    2b184df105473d8ffc4b610b666dd9a31d0abd74

  • SHA256

    efd04686de7e7aab457efccefc36fd8be45d634cd8d18331c8370691a55346b4

  • SHA512

    aba5bf863857b453c1317f9068af33c1df838c7dca6f94a292ca25c670f27fd6633598134036104c9b617ced4d2557ab807d08d1f570d1d5a64c5c3770a7b0e6

  • SSDEEP

    1536:j8qDqQMKgMK3t/jbNwPZ6ZleXHWwleNX3G:jqcXKd/FeXHWeD

Malware Config

Extracted

Family

xtremerat

C2

updatsys.sytes.net

Targets

    • Target

      58282d27df5269568cc80a461fe892a5_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
