General
-
Target
58feac211b29a729b36fe9df27eb6f23_JaffaCakes118
-
Size
331KB
-
Sample
240718-zhxg8avhlq
-
MD5
58feac211b29a729b36fe9df27eb6f23
-
SHA1
390b50655ac7c91db767bb27c7b36ea05c2f660d
-
SHA256
fb07f6b0098508dc5f9995c690198285a6718434296172288c84fa7b47bcfd01
-
SHA512
f6f2f2c1dbb818c6812bb621b605e51f5439afc72a6f04c81ec316567c95eb568d9c98f5b03cf285ffffbd614546fd515b91702795d99c0f7b12fbb178981873
-
SSDEEP
6144:ABgh/58KGip9lmh0UwwDdxtPw13OyhFR8uHs7BiT0xpuiamx5alzYa5:ABMmKGnhDT+JlC5BHvfag5aqa5
Behavioral task
behavioral1
Sample
58feac211b29a729b36fe9df27eb6f23_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
58feac211b29a729b36fe9df27eb6f23_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
58feac211b29a729b36fe9df27eb6f23_JaffaCakes118
Score 10/10
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-