General

  • Target

    5a06588d81838560b255efa261852882_JaffaCakes118

  • Size

    44KB

  • Sample

    240719-cfp9ss1aqb

  • MD5

    5a06588d81838560b255efa261852882

  • SHA1

    09a2baf4d25fcd7ff08912feac5fba928d939798

  • SHA256

    77af28c1f85fb1f754ee10ef1b819b4450a7653832ba78e73be7969badac5507

  • SHA512

    276ab8a867ca4dd8deb4d08347d96c9dfcc4632f9f225eb00c43c16bc04568dc2e1664764ae8d1ee8ac0caa068a57cdaa5e7c01ea17bcee23a002e93cc85334b

  • SSDEEP

    768:rBr+tjFqTPEAlfzPB1lr6an3sGTrOvm2DfuTwYPI+zoJ1L:FyRUnlrZ1lr6anXTrOvm2bOQCozL

Malware Config

Extracted

Family

xtremerat

C2

namehost.dyndns.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

MITRE ATT&CK Enterprise v15

Tasks