General
-
Target
a474b25976b9579f2e06c294652c90ba_JaffaCakes118
-
Size
262KB
-
Sample
240817-2r4n1avamr
-
MD5
a474b25976b9579f2e06c294652c90ba
-
SHA1
ef41ec8a476f27737466813f2a8171f58833f76c
-
SHA256
95cf254ac44af80db9931e64a765ef01b1263b7e9c9d993630e9610abfed3085
-
SHA512
b555096c6256f0d69e3cf6d9ce866ee35f0afd821be3338374470cac059b6e916b02987173d13da863f0335f55f713748e91fc183322481f2788f9c859b8f09c
-
SSDEEP
1536:WNH9Bx63r077NHBZm3U8enkFKQHssOs+WpfBHFg2QR3Ow2aeYGRxFMDbI:e63Q77NhjnkF/v+EZlg2QRyafWMHI
Static task
static1
Behavioral task
behavioral1
Sample
a474b25976b9579f2e06c294652c90ba_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a474b25976b9579f2e06c294652c90ba_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a474b25976b9579f2e06c294652c90ba_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-