General

  • Target

    a54f2d9f560cf9633904e7bd0aa0f073_JaffaCakes118

  • Size

    27KB

  • Sample

    240818-elx8psthpg

  • MD5

    a54f2d9f560cf9633904e7bd0aa0f073

  • SHA1

    0bac7255c57a927e13f2ebdb742b4b6d1dbb29ec

  • SHA256

    c421240a62885ee31d2b684b88aee5e3d793dfa0e9552a92cd5e452cf49b0f31

  • SHA512

    ffd0f59a9a58e9b925283dfbf2b7b7e6df6c89d1163aa197aac02fb8aa3f6c5570a19176508f5408adc431c92fb10ad9512e1c760995d4a942a19a7d79b25acb

  • SSDEEP

    384:fRU8XpAlg+7mivL0WwHUOADcsgYXKAVExRvvouLaufAyS7vvxlLu:fRURIiT27mh9Fujv7WuA7D

Malware Config

Extracted

Family

xtremerat

C2

tannn.no-ip.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

MITRE ATT&CK Enterprise v15

Tasks