General

  • Target

    a460f8f39f079ffdd2eee5f7ac7d069b_JaffaCakes118

  • Size

    301KB

  • Sample

    240817-2b4n3a1ane

  • MD5

    a460f8f39f079ffdd2eee5f7ac7d069b

  • SHA1

    c41bbefb25f5c62ccbee81a42568fcda873857d2

  • SHA256

    9438438dd63202fe1ae656ed396132ab6dafcfda9ae1892076993b50f9dc4084

  • SHA512

    433bcc542a9b4d7de3507f657ee09586b9525d88848ec74f45d5885d4c7580615c555c0e4f683d8dc781b54468e9833c76756a8ccc36a1c2c084802dbaaa8625

  • SSDEEP

    768:L8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiiQzo4105R:jsq+QV4rObAdXWpf/y+coTfYox

Malware Config

Extracted

Family

xtremerat

C2

dm3aa.no-ip.biz

Targets

    • Target

      a460f8f39f079ffdd2eee5f7ac7d069b_JaffaCakes118

    • Size

      301KB

    • MD5

      a460f8f39f079ffdd2eee5f7ac7d069b

    • SHA1

      c41bbefb25f5c62ccbee81a42568fcda873857d2

    • SHA256

      9438438dd63202fe1ae656ed396132ab6dafcfda9ae1892076993b50f9dc4084

    • SHA512

      433bcc542a9b4d7de3507f657ee09586b9525d88848ec74f45d5885d4c7580615c555c0e4f683d8dc781b54468e9833c76756a8ccc36a1c2c084802dbaaa8625

    • SSDEEP

      768:L8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiiQzo4105R:jsq+QV4rObAdXWpf/y+coTfYox

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks