General

  • Target

    5a75205baa54d6d6b818cd32f5ab2c07_JaffaCakes118

  • Size

    300KB

  • Sample

    240719-e2t6zswckc

  • MD5

    5a75205baa54d6d6b818cd32f5ab2c07

  • SHA1

    bdfac8475ce9444d5d3c952eb587e43d0e13d40c

  • SHA256

    c82c3c1eca55f52edcef93c04f7de7727249aadb5bf82f187f0a9ec8b47fab16

  • SHA512

    d3c1922ad561467b50348ccd46fe0efff6b922c540095b587117faddde8590fbc6b47a2e7184ef5118fb2aa9fd6226544b1a78c25c97994667687c4b9c235804

  • SSDEEP

    3072:AIZn0wUdozejHWt+VrqRHgG5FOEYYKvYut1xGIu2gR3NJWVrqRHgG5FOEYYKvYu2:eZrqRHuxYK91xGIu2gRvKrqRHuxYK9Y

Malware Config

Targets

    • Target

      5a75205baa54d6d6b818cd32f5ab2c07_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build (the packer is identifiable by its UPX0/UPX1 section names and the "UPX!" marker it writes into the header).

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state (including the instruction pointer) of a thread, usually one in a suspended child process. Loaders use it together with WriteProcessMemory and ResumeThread to redirect a hollowed process to injected code (process hollowing / RunPE), so the sandbox flags the call at runtime. Because the sample is UPX packed, this behaviour is only visible after unpacking, not in the packed file's import table.
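As an added example, not part of the sandbox report and not the sandbox's own detection logic, the following Python script recomputes the file hashes listed above and applies two static checks that mirror the report's signatures: UPX section names and the "UPX!" header marker, and a string scan for the API names a process-hollowing loader needs (SetThreadContext among them). The PE produced by build_sample_pe is a constructed minimal header used only so the script runs offline; it is not the analysed sample, and the hash and section values in the report cannot be reproduced from it. SSDEEP is not computed because it needs a third-party library.

```python
import hashlib
import struct

# API names a hollowing/RunPE loader typically imports. On a UPX-packed file the
# real import table is only rebuilt at runtime, so a static scan of the packed
# bytes is expected to miss them; run it on an unpacked or dumped image instead.
HOLLOWING_APIS = (
    b"SetThreadContext",
    b"NtUnmapViewOfSection",
    b"WriteProcessMemory",
    b"ResumeThread",
)


def file_hashes(data: bytes) -> dict:
    """Return the same digest set the report lists (minus SSDEEP)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> file header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER starts right after the 4-byte signature:
    # NumberOfSections at +2, SizeOfOptionalHeader at +16.
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt
    names = []
    for i in range(num_sections):
        raw = struct.unpack_from("<8s", data, table + 40 * i)[0]
        names.append(raw.rstrip(b"\0").decode("latin-1"))
    return names


def triage(data: bytes) -> dict:
    """Static checks corresponding to the report's UPX and hollowing signatures."""
    sections = pe_section_names(data)
    reasons = []
    if any(name.startswith("UPX") for name in sections):
        reasons.append("UPX section names: " + ", ".join(sections))
    # UPX writes its own header, starting with "UPX!", just after the section table.
    if b"UPX!" in data[:4096]:
        reasons.append("'UPX!' marker in header region")
    api_hits = [api.decode() for api in HOLLOWING_APIS if api in data]
    return {
        "hashes": file_hashes(data),
        "sections": sections,
        "upx": bool(reasons),
        "upx_reasons": reasons,
        "hollowing_apis": api_hits,
    }


def build_sample_pe(section_names, upx_marker=False) -> bytes:
    """Constructed minimal PE32 header (hypothetical test input, not a real binary)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew
    file_header = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0xE0, 0x0102)
    optional = struct.pack("<H", 0x10B) + bytes(0xE0 - 2)  # PE32 magic, rest zeroed
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("ascii"), 0x1000, 0x1000 * (i + 1),
                    0, 0, 0, 0, 0, 0, 0x60000020)
        for i, name in enumerate(section_names))
    tail = b"UPX!" + bytes(12) if upx_marker else bytes(16)
    return bytes(dos) + b"PE\0\0" + file_header + optional + sections + tail


if __name__ == "__main__":
    packed = build_sample_pe(["UPX0", "UPX1", ".rsrc"], upx_marker=True)
    for key, value in triage(packed).items():
        print(f"{key}: {value}")
```

On a real sample, replace the constructed bytes with the file contents and compare file_hashes() against the MD5/SHA1/SHA256/SHA512 values above before analysis; a mismatch means you are not looking at the reported file. The empty hollowing_apis list on a packed file is the expected result and is exactly why the report's SetThreadContext finding comes from runtime monitoring rather than from the import table.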

MITRE ATT&CK Enterprise v15

Tasks