General
-
Target
621e48696f3f12dd2636d7631c438912_JaffaCakes118
-
Size
743KB
-
Sample
240722-a691sawbrp
-
MD5
621e48696f3f12dd2636d7631c438912
-
SHA1
546163c28baddab9edff519d5095f38896e51eb7
-
SHA256
776fa37820b88590edcff47281c8492d62df4604e8c7d737bd62a7c18fe8c509
-
SHA512
a0516edb9a23663f60889e815ad6991ba9bf5d257c1f5b68cc5baa595326463141b4d0f0fbb9b4108e333fcc68bb9dc3e9ce729eed94f059c183d60b141fa9ba
-
SSDEEP
12288:q1jf/p9Rw0/QwBKzXR+Ye0tQo3IxDrbJtQoidjUxej0xB2EVSszrdjJYHVigiuv+:qF/pLw+nQBeo36rbJtQvVQ2WSQ98a3ui
Behavioral task
behavioral1
Sample
621e48696f3f12dd2636d7631c438912_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
621e48696f3f12dd2636d7631c438912_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
621e48696f3f12dd2636d7631c438912_JaffaCakes118
-
Size
743KB
-
MD5
621e48696f3f12dd2636d7631c438912
-
SHA1
546163c28baddab9edff519d5095f38896e51eb7
-
SHA256
776fa37820b88590edcff47281c8492d62df4604e8c7d737bd62a7c18fe8c509
-
SHA512
a0516edb9a23663f60889e815ad6991ba9bf5d257c1f5b68cc5baa595326463141b4d0f0fbb9b4108e333fcc68bb9dc3e9ce729eed94f059c183d60b141fa9ba
-
SSDEEP
12288:q1jf/p9Rw0/QwBKzXR+Ye0tQo3IxDrbJtQoidjUxej0xB2EVSszrdjJYHVigiuv+:qF/pLw+nQBeo36rbJtQvVQ2WSQ98a3ui
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Adds Run key to start application
-