General
Target: 59ea0bd1ed02d56597ca1f43c8548c2e_JaffaCakes118
Size: 156KB
Sample: 240719-bw2gbszanf
MD5: 59ea0bd1ed02d56597ca1f43c8548c2e
SHA1: 3ecd4f5a8aa1e0ae766deec268fc66ad23a3784a
SHA256: cef387c694462481ebc08c6a9ac8c6e7cdd5b15503f346ab7cf58b8d557477f6
SHA512: a2df44f1f25f50c9f0f42572233c1d38a02d4db333d416d5aa62344fb282e31fd1772051ed6912c0ac567544e65949945b53523593e8b8f536e671e96348b24c
SSDEEP: 1536:yRpYHLZNCBkIgHoVHoponnwTTCmk3C2GSQM62v5UR2chXALYlwKmySOf7fQH2Ui7:yRpYH3CBXgIVHWPpF+5URZwL6lSsC2U
Static task: static1
Behavioral task: behavioral1
Sample: 59ea0bd1ed02d56597ca1f43c8548c2e_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 59ea0bd1ed02d56597ca1f43c8548c2e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 59ea0bd1ed02d56597ca1f43c8548c2e_JaffaCakes118
Score: 10/10
- Detect XtremeRAT payload
- XtremeRAT: XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
- Suspicious use of SetThreadContext