General

  • Target

    5ab79bd0cb381bd6ec60676d6c6ce891_JaffaCakes118

  • Size

    62KB

  • Sample

    240719-gl8esavhpr

  • MD5

    5ab79bd0cb381bd6ec60676d6c6ce891

  • SHA1

    c6eb3b764784ef1791a1433b8fd16a032a2e62d3

  • SHA256

    a326be72a1095b11479f095d15fbd21bc9f48f8989748ce2d91f735f755240bd

  • SHA512

    20761b10b9431604717532daa0a6c0543e7e535251bcb7f790a5c63728c270587212cf0d77c729e212f198813c184af9143ac21912a257d9307cf2b2ded0e579

  • SSDEEP

    1536:sT8qDqQ8K9MK3tGjbNwPZ6oIeXHWTl5NX3Pd:SqMyKdcPeXHW5B

Malware Config

Extracted

Family

xtremerat

C2

flinkch.no-ip.biz
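The extracted configuration gives two things a responder can act on immediately: the file hashes above and the C2 hostname, which sits under a dynamic-DNS provider (no-ip.biz) rather than attacker-registered infrastructure. The script below is an added example, not part of the sandbox report or the XtremeRAT tooling: it sweeps a DNS query log for the C2 host (and, at lower confidence, any other host under the same dynamic-DNS zone) and checks file contents against the report's hashes. The log line format, the client addresses and the file bytes are constructed for the demonstration; only the hashes and the hostname come from the report.

```python
"""IOC sweep for the XtremeRAT sample described in this report.

Added example (not the sandbox's code). The indicators are copied from the
report; the DNS log format, sample log lines and file contents below are
constructed for the demonstration and are assumptions, not any real format.
"""
import hashlib
import re
from typing import Dict, Iterable, List, Optional, Tuple

# Indicators copied from the report's General / Malware Config sections.
IOC_HASHES: Dict[str, str] = {
    "md5": "5ab79bd0cb381bd6ec60676d6c6ce891",
    "sha1": "c6eb3b764784ef1791a1433b8fd16a032a2e62d3",
    "sha256": "a326be72a1095b11479f095d15fbd21bc9f48f8989748ce2d91f735f755240bd",
}
C2_HOST = "flinkch.no-ip.biz"
# The C2 is a dynamic-DNS name. Other hosts under the same zone are not this
# sample's C2, but a workstation resolving them deserves a low-confidence flag.
DYNDNS_ZONE = "no-ip.biz"

# Assumed log layout (constructed for this example): "<timestamp> <client> <query>".
DNS_LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<query>\S+)$")


def classify_query(query: str) -> Optional[str]:
    """Return 'high' for the exact C2 host, 'low' for siblings under the
    dynamic-DNS zone, None otherwise. Case and a trailing dot are ignored."""
    q = query.lower().rstrip(".")
    if q == C2_HOST:
        return "high"
    # Require a label boundary so that e.g. "notno-ip.biz" does not match.
    if q == DYNDNS_ZONE or q.endswith("." + DYNDNS_ZONE):
        return "low"
    return None


def sweep_dns_log(lines: Iterable[str]) -> List[Tuple[str, str, str]]:
    """Yield (client, query, confidence) for every log line that matches an IOC.
    Lines that do not fit the assumed layout are skipped rather than failing."""
    hits: List[Tuple[str, str, str]] = []
    for line in lines:
        m = DNS_LINE.match(line.strip())
        if not m:
            continue
        level = classify_query(m["query"])
        if level is not None:
            hits.append((m["client"], m["query"], level))
    return hits


def hash_matches(data: bytes, iocs: Dict[str, str] = IOC_HASHES) -> List[str]:
    """Return the names of the hash algorithms whose digest of `data` equals
    the corresponding IOC. All three are checked so a single-algorithm
    collision or a truncated IOC list cannot silently hide a match."""
    return [algo for algo, expected in iocs.items()
            if hashlib.new(algo, data).hexdigest() == expected.lower()]


# Constructed DNS log for the demonstration (not real traffic).
SAMPLE_DNS_LOG = [
    "2024-07-19T12:00:01Z 10.0.0.15 flinkch.no-ip.biz.",
    "2024-07-19T12:00:02Z 10.0.0.15 example.com",
    "2024-07-19T12:00:03Z 10.0.0.22 OTHER.NO-IP.BIZ",
    "2024-07-19T12:00:04Z 10.0.0.22 notno-ip.biz",
    "malformed line",
]


if __name__ == "__main__":
    for client, query, level in sweep_dns_log(SAMPLE_DNS_LOG):
        print(f"{level:>4}  {client:<12} {query}")
    # A constructed file that is not the sample: no hash should match.
    print("hash matches for constructed bytes:", hash_matches(b"not the sample"))
```

Run against real data by feeding `sweep_dns_log` the lines of a DNS log reformatted to the assumed layout, and `hash_matches` the bytes of each suspect file; a "high" DNS hit or any non-empty hash list is a confirmed indicator, while "low" hits only tell you which hosts to look at next.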

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.
