General
-
Target
61a7414eeada6d0ab43b6c749c389b65_JaffaCakes118
-
Size
111KB
-
Sample
240721-2cwpvaxgla
-
MD5
61a7414eeada6d0ab43b6c749c389b65
-
SHA1
25560bb8e94f7f3e84ce5eb87da8cfec3c51b901
-
SHA256
dcabef9033ae676e18f78383dd73ee085986d65f356abd90007702301f39f90a
-
SHA512
179f132dba1b5471fc64552c4d36956f95d375b0c26574932db1ef62fcd0447e2a011b6b6f9a4bbdeae830313956165a8e6b3d8e7f28f00c57cc6a475a87d6bc
-
SSDEEP
1536:5du8hk1t5CS0s4CGMiT7spPDXAnQekuaC0o22iTb3FpKWhi4qzf+rVEOW9:Vq1fdqNcxUn7kuaC0WiTK1zuV7A
Static task
static1
Behavioral task
behavioral1
Sample
61a7414eeada6d0ab43b6c749c389b65_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
61a7414eeada6d0ab43b6c749c389b65_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
shakur2.dyndns.biz
Targets
-
-
Target
61a7414eeada6d0ab43b6c749c389b65_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-