General
-
Target
629de1beb82540673182df341303f011_JaffaCakes118
-
Size
241KB
-
Sample
240722-kzz74szckm
-
MD5
629de1beb82540673182df341303f011
-
SHA1
fe1d3ace02e5ba268620f02b85946e59ceb88b75
-
SHA256
52819530aa3f9c9aff2b4d2cb45979ee1ce9b40ee1d5d0bf60d5a7ec4c602192
-
SHA512
1004d75c8449e11e1ecad911ef62f6bae09926680633834f4ec7c4cb36a4ff13457857b906cbcf9a360751a59271f056c890f685abe77d7c3996054809d74768
-
SSDEEP
6144:Do05l2OnL4OZQM6RRUSEATQLIfEATQLI99G8fHygE:Dr2O8OSMlxATQXATQufHPE
Static task
static1
Behavioral task
behavioral1
Sample
629de1beb82540673182df341303f011_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
629de1beb82540673182df341303f011_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
629de1beb82540673182df341303f011_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-