Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    19-07-2024 11:08

General

  • Target

    5baeb3c0c9bab94cf61a6eebff98014c_JaffaCakes118.exe

  • Size

    40KB

  • MD5

    5baeb3c0c9bab94cf61a6eebff98014c

  • SHA1

    1404046a749f0505a27c04505733ecc57db9e98e

  • SHA256

    6032f5b156a7acddf6c66b59ef5c783917d748f80e5644644b0e11bd3aa7bbc0

  • SHA512

    e81d4cd45848551f552ad9052aea5ef9d64d31e8c35852d6796e71b500f29eb20616a2528480817ff7454fe0d5dd9dfed806341a15b0a1b5636f74a60bed49a7

  • SSDEEP

    768:6E9hJhdN12Ozhiow2Gkm6+Z8/pBzNBwIldGzoWmxC:6uTzMOlw2Gkmb8/BldaoWmxC

Malware Config

Signatures

  • Detect XtremeRAT payload 1 IoCs
  • XtremeRAT

    The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

Processes

  • C:\Users\Admin\AppData\Local\Temp\5baeb3c0c9bab94cf61a6eebff98014c_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\5baeb3c0c9bab94cf61a6eebff98014c_JaffaCakes118.exe"
    1⤵
      PID:2988

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2988-2-0x0000000000C80000-0x0000000000C92000-memory.dmp

      Filesize

      72KB