General

  • Target

    a474b25976b9579f2e06c294652c90ba_JaffaCakes118

  • Size

    262KB

  • Sample

    240817-2r4n1avamr

  • MD5

    a474b25976b9579f2e06c294652c90ba

  • SHA1

    ef41ec8a476f27737466813f2a8171f58833f76c

  • SHA256

    95cf254ac44af80db9931e64a765ef01b1263b7e9c9d993630e9610abfed3085

  • SHA512

    b555096c6256f0d69e3cf6d9ce866ee35f0afd821be3338374470cac059b6e916b02987173d13da863f0335f55f713748e91fc183322481f2788f9c859b8f09c

  • SSDEEP

    1536:WNH9Bx63r077NHBZm3U8enkFKQHssOs+WpfBHFg2QR3Ow2aeYGRxFMDbI:e63Q77NhjnkF/v+EZlg2QRyafWMHI

Targets

    • Target

      a474b25976b9579f2e06c294652c90ba_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Suspicious use of SetThreadContext
