General
Target
609e45081a2d879da829bc70d315a3ae_JaffaCakes118
Size
395KB
Sample
240721-p6pgea1gmb
MD5
609e45081a2d879da829bc70d315a3ae
SHA1
a3e18de1588b219bb0b56c4a0cab7930cc6266ea
SHA256
f34c9a6f5dc5356a2763d61b0bb4f7133f9eba0b2ca1ee42f0575ba8d1b21381
SHA512
b1ca7769e6f7fffacd09586d5b2b0694cca6017c0f5fdf1c1666902fd2c83217c6b505cfb50b2f520159c9ee12de7f9d2c5b08ac43d29c8551760f29355d4f21
SSDEEP
12288:UdoS493ACIl7vI1kiqHNnyVek/a4AmHNX467pMYI/:EoIjIbgyLC4t54671I/
Static task
static1
Behavioral task
behavioral1
Sample
609e45081a2d879da829bc70d315a3ae_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
609e45081a2d879da829bc70d315a3ae_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
mmsalti.no-ip.org
Targets
Target
609e45081a2d879da829bc70d315a3ae_JaffaCakes118
Score
10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext