General

  • Target

    58feac211b29a729b36fe9df27eb6f23_JaffaCakes118

  • Size

    331KB

  • Sample

    240718-zhxg8avhlq

  • MD5

    58feac211b29a729b36fe9df27eb6f23

  • SHA1

    390b50655ac7c91db767bb27c7b36ea05c2f660d

  • SHA256

    fb07f6b0098508dc5f9995c690198285a6718434296172288c84fa7b47bcfd01

  • SHA512

    f6f2f2c1dbb818c6812bb621b605e51f5439afc72a6f04c81ec316567c95eb568d9c98f5b03cf285ffffbd614546fd515b91702795d99c0f7b12fbb178981873

  • SSDEEP

    6144:ABgh/58KGip9lmh0UwwDdxtPw13OyhFR8uHs7BiT0xpuiamx5alzYa5:ABMmKGnhDT+JlC5BHvfag5aqa5

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks