General
Target: 5fd561bc5be78b2078d72a1063b49a55_JaffaCakes118
Size: 173KB
Sample: 240720-kw8ebavenq
MD5: 5fd561bc5be78b2078d72a1063b49a55
SHA1: b052c4dfdd7467300d99d3671ebe04e2574e5839
SHA256: 6466a2b1d7700192b2d9107ea5e62d7adb3d8ada9454d58567c3742fcb7a87a4
SHA512: c2ee84610c956c7dc9c1987233c15e74069c0aafcff9cb425029886b542208b06a39071e0e6da31743006e549219ff6938d261aa57ca0fd714a0df95de1598a0
SSDEEP: 3072:iqMyKdcweXHW5I7p12Im9DVQuRujtH7p12Im9DVQuRujtR:ABf2HW5Ep12ImOtbp12ImOtR
Behavioral task: behavioral1
Sample: 5fd561bc5be78b2078d72a1063b49a55_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5fd561bc5be78b2078d72a1063b49a55_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
xtremerat
baimian.3322.org
Targets
Target: 5fd561bc5be78b2078d72a1063b49a55_JaffaCakes118
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.