General

  • Target

    a45871cb750838339d31a4102f2fcac1_JaffaCakes118

  • Size

    534KB

  • Sample

    240817-145w6azeqh

  • MD5

    a45871cb750838339d31a4102f2fcac1

  • SHA1

    eb0e5c12dc041197c9a6605bda4756aa4b0fb4ee

  • SHA256

    f84bd2de7cf8a7eea7868eab168466dcedecf671025a2daa2d4eedc3c7207c81

  • SHA512

    c4dff0504454896220b029d33aa7f86dddff5798f096795fd3a451354976a9839f534ae8899c4fe2dc50290124e93600fd676bafaafac75a6d8188ed2232dc8b

  • SSDEEP

    6144:YUG1GCwehM2h0jUUOr4O7xFJ9uIOVX4sF+1Y/j:wPhM1jsMkD8j

Malware Config

Targets

    • Target

      a45871cb750838339d31a4102f2fcac1_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT, written in Delphi, was developed by xtremecoder and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.

    • Suspicious use of SetThreadContext

      Rewriting another thread's context is the step process hollowing (RunPE) uses to point a suspended process at an injected payload. This is a behavioral signature from runtime API monitoring; because the sample is UPX packed, the same API is not expected to be visible in the file's static import table.
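
A small static triage script that ties the report's indicators together, added here as an example; it is not tria.ge's own signature logic. It checks a file's hashes against the values listed above, parses the PE section table to flag the UPX0/UPX1 section names that UPX leaves behind, and searches for the API names that process hollowing relies on. The PE image it runs on is constructed in the script (a header-only PE32 with no code), not the real sample, so the hash comparison is expected to fail on it; the function and constant names are this example's own.

```python
import hashlib
import struct

# Hash values copied from the report above for the 534KB sample.
REPORTED = {
    "md5": "a45871cb750838339d31a4102f2fcac1",
    "sha1": "eb0e5c12dc041197c9a6605bda4756aa4b0fb4ee",
    "sha256": "f84bd2de7cf8a7eea7868eab168466dcedecf671025a2daa2d4eedc3c7207c81",
    "sha512": "c4dff0504454896220b029d33aa7f86dddff5798f096795fd3a451354976a9839f534ae8899c4fe2dc50290124e93600fd676bafaafac75a6d8188ed2232dc8b",
}

# API names that process hollowing / RunPE loaders import. In a UPX-packed file the
# real import table is compressed, so absence here does not mean absence at runtime.
HOLLOWING_APIS = [b"SetThreadContext", b"GetThreadContext", b"WriteProcessMemory",
                  b"ResumeThread", b"NtUnmapViewOfSection", b"VirtualAllocEx"]


def matches_report(data: bytes) -> dict:
    """Compare each digest of `data` with the report; True means that hash matches."""
    return {name: hashlib.new(name, data).hexdigest() == value
            for name, value in REPORTED.items()}


def pe_section_names(data: bytes) -> list:
    """Walk the PE section table and return the section names; [] if not a PE file."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # COFF header starts right after the 4-byte signature.
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt
    names = []
    for i in range(num_sections):
        off = table + i * 40                      # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                                 # truncated table: stop, don't crash
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """UPX names its sections UPX0/UPX1/... and leaves a 'UPX!' marker in the file."""
    return any(n.startswith("UPX") for n in pe_section_names(data)) or b"UPX!" in data


def hollowing_api_strings(data: bytes) -> list:
    """Return the hollowing-related API names that appear as plain strings in the file."""
    return [n.decode() for n in HOLLOWING_APIS if n in data]


def triage(data: bytes) -> dict:
    return {
        "hashes_match_report": all(matches_report(data).values()),
        "upx_packed": looks_upx_packed(data),
        "hollowing_apis_visible": hollowing_api_strings(data),
    }


def build_constructed_pe(section_names, overlay=b"") -> bytes:
    """Constructed header-only PE32 image for testing the parser (not a real sample)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                    # e_lfanew -> right after DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                    # PE32 optional-header magic
    sections = b"".join(n.encode().ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sections + overlay


# Constructed stand-in with UPX section names and hollowing API strings in its overlay.
SAMPLE = build_constructed_pe(["UPX0", "UPX1", ".rsrc"],
                              overlay=b"\0SetThreadContext\0ResumeThread\0")

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Run it against the real file instead of SAMPLE (read it with `open(path, "rb").read()`) and expect all four hashes to match before trusting any further analysis; on the packed sample expect `upx_packed` to be True and `hollowing_apis_visible` to be empty or incomplete, since the payload that calls SetThreadContext is only present after UPX unpacks it in memory.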

MITRE ATT&CK Enterprise v15

Tasks