General
-
Target
5a75205baa54d6d6b818cd32f5ab2c07_JaffaCakes118
-
Size
300KB
-
Sample
240719-e2t6zswckc
-
MD5
5a75205baa54d6d6b818cd32f5ab2c07
-
SHA1
bdfac8475ce9444d5d3c952eb587e43d0e13d40c
-
SHA256
c82c3c1eca55f52edcef93c04f7de7727249aadb5bf82f187f0a9ec8b47fab16
-
SHA512
d3c1922ad561467b50348ccd46fe0efff6b922c540095b587117faddde8590fbc6b47a2e7184ef5118fb2aa9fd6226544b1a78c25c97994667687c4b9c235804
-
SSDEEP
3072:AIZn0wUdozejHWt+VrqRHgG5FOEYYKvYut1xGIu2gR3NJWVrqRHgG5FOEYYKvYu2:eZrqRHuxYK91xGIu2gRvKrqRHuxYK9Y
Static task
static1
Behavioral task
behavioral1
Sample
5a75205baa54d6d6b818cd32f5ab2c07_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5a75205baa54d6d6b818cd32f5ab2c07_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
Target
5a75205baa54d6d6b818cd32f5ab2c07_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-