General
-
Target
a6c225440de907810d071d940152aa32_JaffaCakes118
-
Size
86KB
-
Sample
240818-p8x7bsvald
-
MD5
a6c225440de907810d071d940152aa32
-
SHA1
d1e50914cd0041d2756fe294eada45895c97f8d7
-
SHA256
5360c2a8cff9e396f4113d47fac9f0ba0ebe3843de7c6c4bfdd5c2a017162958
-
SHA512
16d3af8848b44b48428d2f314f84afc4027d2c2a5a341710047182737d27c94eef919b3abe0be94f134ee0b14a389d216b9119068b68eaa99204a57822866cdf
-
SSDEEP
1536:tXUI5QcZF8+HhXt4tKhbq4/wpngLkGIrxJ881JTBbgs1eeNXDrO:tT5QettKKNB4pnhRTrZBbgsRPO
Static task
static1
Behavioral task
behavioral1
Sample
a6c225440de907810d071d940152aa32_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Targets
-
-
Target
a6c225440de907810d071d940152aa32_JaffaCakes118
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-