General

  • Target

    583fefc60036e58d7616755fc09ef905_JaffaCakes118

  • Size

    924KB

  • Sample

    240718-vb5sssxerk

  • MD5

    583fefc60036e58d7616755fc09ef905

  • SHA1

    50ba35f670779122a22a470321a4304af7b5795f

  • SHA256

    0f6aa2d4889be22d0b04e567752244022ece4f84b0dc8e2f5e158300f6698401

  • SHA512

    05e58c61a6eb10d81854a6b1e5538681f4108c2fa8a12c1668fcff428610cfb1782b0b7d038a89b98597e669927778ff0b5c3d1f0744d71745654e1fbdb1d6db

  • SSDEEP

    6144:HR1nIgK54IQzeeeL4/Q4wACbisqtWrP8Pwi6nIgK54IQzeeeL4/:bIgKKM4YFyMywi6IgKKM4

Malware Config

Targets

    • Target

      583fefc60036e58d7616755fc09ef905_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks