General
-
Target
a45871cb750838339d31a4102f2fcac1_JaffaCakes118
-
Size
534KB
-
Sample
240817-145w6azeqh
-
MD5
a45871cb750838339d31a4102f2fcac1
-
SHA1
eb0e5c12dc041197c9a6605bda4756aa4b0fb4ee
-
SHA256
f84bd2de7cf8a7eea7868eab168466dcedecf671025a2daa2d4eedc3c7207c81
-
SHA512
c4dff0504454896220b029d33aa7f86dddff5798f096795fd3a451354976a9839f534ae8899c4fe2dc50290124e93600fd676bafaafac75a6d8188ed2232dc8b
-
SSDEEP
6144:YUG1GCwehM2h0jUUOr4O7xFJ9uIOVX4sF+1Y/j:wPhM1jsMkD8j
Static task
static1
Behavioral task
behavioral1
Sample
a45871cb750838339d31a4102f2fcac1_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
a45871cb750838339d31a4102f2fcac1_JaffaCakes118
-
Size
534KB
-
MD5
a45871cb750838339d31a4102f2fcac1
-
SHA1
eb0e5c12dc041197c9a6605bda4756aa4b0fb4ee
-
SHA256
f84bd2de7cf8a7eea7868eab168466dcedecf671025a2daa2d4eedc3c7207c81
-
SHA512
c4dff0504454896220b029d33aa7f86dddff5798f096795fd3a451354976a9839f534ae8899c4fe2dc50290124e93600fd676bafaafac75a6d8188ed2232dc8b
-
SSDEEP
6144:YUG1GCwehM2h0jUUOr4O7xFJ9uIOVX4sF+1Y/j:wPhM1jsMkD8j
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-