General
-
Target
5ab79bd0cb381bd6ec60676d6c6ce891_JaffaCakes118
-
Size
62KB
-
Sample
240719-gl8esavhpr
-
MD5
5ab79bd0cb381bd6ec60676d6c6ce891
-
SHA1
c6eb3b764784ef1791a1433b8fd16a032a2e62d3
-
SHA256
a326be72a1095b11479f095d15fbd21bc9f48f8989748ce2d91f735f755240bd
-
SHA512
20761b10b9431604717532daa0a6c0543e7e535251bcb7f790a5c63728c270587212cf0d77c729e212f198813c184af9143ac21912a257d9307cf2b2ded0e579
-
SSDEEP
1536:sT8qDqQ8K9MK3tGjbNwPZ6oIeXHWTl5NX3Pd:SqMyKdcPeXHW5B
Behavioral task
behavioral1
Sample
5ab79bd0cb381bd6ec60676d6c6ce891_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5ab79bd0cb381bd6ec60676d6c6ce891_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
flinkch.no-ip.biz
Targets
-
-
Target
5ab79bd0cb381bd6ec60676d6c6ce891_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-