General

  • Target

    59ea0bd1ed02d56597ca1f43c8548c2e_JaffaCakes118

  • Size

    156KB

  • Sample

    240719-bw2gbszanf

  • MD5

    59ea0bd1ed02d56597ca1f43c8548c2e

  • SHA1

    3ecd4f5a8aa1e0ae766deec268fc66ad23a3784a

  • SHA256

    cef387c694462481ebc08c6a9ac8c6e7cdd5b15503f346ab7cf58b8d557477f6

  • SHA512

    a2df44f1f25f50c9f0f42572233c1d38a02d4db333d416d5aa62344fb282e31fd1772051ed6912c0ac567544e65949945b53523593e8b8f536e671e96348b24c

  • SSDEEP

    1536:yRpYHLZNCBkIgHoVHoponnwTTCmk3C2GSQM62v5UR2chXALYlwKmySOf7fQH2Ui7:yRpYH3CBXgIVHWPpF+5URZwL6lSsC2U

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • Suspicious use of SetThreadContext
