General
Target: 588d9d798deeafd908e2b8c83987fe23_JaffaCakes118
Size: 111KB
Sample: 240718-w2fr2atflb
MD5: 588d9d798deeafd908e2b8c83987fe23
SHA1: ad3ea5016fa67a8ed9c589f883cb24092bf32c11
SHA256: 1ee6d0d25bb81143cd4117a010d31adf19d0bfb17fe3e499f3d4584fba95684c
SHA512: 7939e3f9106819b6cc39fd67d7970e2cca0e560b8594702309bcad8085ab514e99a486e1d9b5000a07f70d62e7fb5c455d4a1c54ccc75b1b681310fe9956a4df
SSDEEP: 3072:zxoXeklkYD1AzHLHrFv2q2/WEkSxvC2HZI:loXRkCAzrHr12wVSM
Behavioral task: behavioral1
Sample: 588d9d798deeafd908e2b8c83987fe23_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 588d9d798deeafd908e2b8c83987fe23_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
xtremerat
daimoom3.zapto.org
Targets
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext