General
-
Target
583fefc60036e58d7616755fc09ef905_JaffaCakes118
-
Size
924KB
-
Sample
240718-vb5sssxerk
-
MD5
583fefc60036e58d7616755fc09ef905
-
SHA1
50ba35f670779122a22a470321a4304af7b5795f
-
SHA256
0f6aa2d4889be22d0b04e567752244022ece4f84b0dc8e2f5e158300f6698401
-
SHA512
05e58c61a6eb10d81854a6b1e5538681f4108c2fa8a12c1668fcff428610cfb1782b0b7d038a89b98597e669927778ff0b5c3d1f0744d71745654e1fbdb1d6db
-
SSDEEP
6144:HR1nIgK54IQzeeeL4/Q4wACbisqtWrP8Pwi6nIgK54IQzeeeL4/:bIgKKM4YFyMywi6IgKKM4
Static task
static1
Behavioral task
behavioral1
Sample
583fefc60036e58d7616755fc09ef905_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
583fefc60036e58d7616755fc09ef905_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
583fefc60036e58d7616755fc09ef905_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-