General
Target: 6098b3a5e5275b8b51320122b30b84fc_JaffaCakes118
Size: 148KB
Sample: 240721-pv9cfatblr
MD5: 6098b3a5e5275b8b51320122b30b84fc
SHA1: 9fa0cac054f99f55f45a5e54d3eb46ea389fa760
SHA256: 47073f3dbc7fbecf98f4fbc3146c3692152fc3ef8496bfa9ae3ad8477cb0efb0
SHA512: 6595eb77dda60da1b1b67694644929bbf663489c99b6666d76f40286b7cb428ff4b733ef8ce83d4dee661b9dfaedfb3c5b10c5257b0baad6d22e1cec86e13875
SSDEEP: 3072:mAJrbQVPJCd6ZlGQXfE2YIzAm8CU5FTTlF/n:JMVRCeEZI78Jp
Static task: static1
Behavioral task: behavioral1
Sample: 6098b3a5e5275b8b51320122b30b84fc_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 6098b3a5e5275b8b51320122b30b84fc_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 6098b3a5e5275b8b51320122b30b84fc_JaffaCakes118
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext