General

  • Target

    a6c225440de907810d071d940152aa32_JaffaCakes118

  • Size

    86KB

  • Sample

    240818-p8x7bsvald

  • MD5

    a6c225440de907810d071d940152aa32

  • SHA1

    d1e50914cd0041d2756fe294eada45895c97f8d7

  • SHA256

    5360c2a8cff9e396f4113d47fac9f0ba0ebe3843de7c6c4bfdd5c2a017162958

  • SHA512

    16d3af8848b44b48428d2f314f84afc4027d2c2a5a341710047182737d27c94eef919b3abe0be94f134ee0b14a389d216b9119068b68eaa99204a57822866cdf

  • SSDEEP

    1536:tXUI5QcZF8+HhXt4tKhbq4/wpngLkGIrxJ881JTBbgs1eeNXDrO:tT5QettKKNB4pnhRTrZBbgsRPO
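Matching a local file against the digests listed above, as an added example that is not part of the sandbox report (the constructed input bytes and the helper names are mine, not the report's). The point worth carrying over from the report is that it lists four digests: a feed that agrees on MD5 but not on SHA-256 is signalling a collision or a mis-transcribed indicator, so the comparison treats a partial match as an error rather than as a hit.

```python
import hashlib

# Digests exactly as listed in the report above for
# a6c225440de907810d071d940152aa32_JaffaCakes118.
REPORT_HASHES = {
    "md5": "a6c225440de907810d071d940152aa32",
    "sha1": "d1e50914cd0041d2756fe294eada45895c97f8d7",
    "sha256": "5360c2a8cff9e396f4113d47fac9f0ba0ebe3843de7c6c4bfdd5c2a017162958",
    "sha512": "16d3af8848b44b48428d2f314f84afc4027d2c2a5a341710047182737d27c94eef919b3abe0be94f134ee0b14a389d216b9119068b68eaa99204a57822866cdf",
}


def fingerprint(data: bytes) -> dict:
    """Lowercase hex digests of the same four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def fingerprint_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same as fingerprint() but streamed, so large samples are not read into memory."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report(digests: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison; case-insensitive because feeds differ in casing."""
    return {name: digests.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def classify(matches: dict) -> str:
    """'match' when every listed digest agrees, 'no_match' when none does,
    'inconsistent' when only some do. A partial match (e.g. MD5 agrees but
    SHA-256 does not) means a collision or a bad indicator; never let the
    weakest digest alone decide."""
    hits = sum(matches.values())
    if hits == len(matches):
        return "match"
    if hits == 0:
        return "no_match"
    return "inconsistent"


if __name__ == "__main__":
    # Constructed input: a stand-in for a file pulled from a host, not the real sample.
    suspect = b"MZ" + b"\x90" * 64 + b"not the real JaffaCakes118 sample"
    result = match_report(fingerprint(suspect))
    print(classify(result), result)
```

For a real triage run, replace the constructed bytes with `fingerprint_file("/path/to/suspect.exe")`; anything other than "match" or "no_match" deserves a look at the indicator source before it is acted on.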

Malware Config

Targets

    • Target

      a6c225440de907810d071d940152aa32_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Suspicious use of SetThreadContext
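The "UPX packed file" signature above matches both stock UPX and modified builds. As an added example that is not part of the sandbox report, the following shows what such a check has to look at: the stock markers (UPX0/UPX1 section names, the "UPX!" magic) and, because a modified UPX commonly strips those, the structural layout UPX leaves behind (an empty first section with a large virtual size, followed by a near-random compressed section). The minimal PE parser, the indicator names and the three test binaries are constructed for this example, not derived from the sample the report describes.

```python
import math
import struct

# Section names the stock UPX packer emits; a modified build often renames
# them, which is why name matching alone is not enough.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 0.0 for empty input, 8.0 for uniformly distributed bytes."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size              # COFF file header is 20 bytes
    sections = []
    for i in range(num_sections):
        off = table + i * 40                  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, off + 8)
        sections.append({"name": data[off:off + 8].rstrip(b"\0"), "vsize": vsize,
                         "vaddr": vaddr, "rawsize": rawsize, "rawptr": rawptr})
    return sections


def upx_indicators(data: bytes) -> dict:
    secs = parse_sections(data)
    return {
        "upx_section_names": any(s["name"] in UPX_SECTION_NAMES for s in secs),
        "upx_magic": b"UPX!" in data,
        # UPX layout: the first section has no raw data but a large virtual
        # size (the stub unpacks into it at run time) ...
        "empty_first_section": bool(secs) and secs[0]["rawsize"] == 0 and secs[0]["vsize"] > 0,
        # ... and the section holding the compressed image is near-random.
        "high_entropy_section": any(
            s["rawsize"] >= 256
            and shannon_entropy(data[s["rawptr"]:s["rawptr"] + s["rawsize"]]) > 7.0
            for s in secs),
    }


def upx_verdict(data: bytes) -> str:
    ind = upx_indicators(data)
    if ind["upx_section_names"] or ind["upx_magic"]:
        return "upx"
    if ind["empty_first_section"] and ind["high_entropy_section"]:
        return "packed_unknown"       # UPX-like layout with the markers stripped
    return "not_packed"


def build_pe(sections, stub: bytes = b"") -> bytes:
    """Constructed test PE: headers, then each section's raw bytes in order."""
    opt_size = 224
    raw_ptr = (64 + 24 + opt_size + 40 * len(sections) + 511) // 512 * 512
    table, body = b"", b""
    for i, (name, vsize, raw) in enumerate(sections):
        ptr = raw_ptr + len(body) if raw else 0
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIIIIIHHI", vsize, 0x1000 * (i + 1), len(raw), ptr, 0, 0, 0, 0, 0xE0000020)
        body += raw
    dos = b"MZ" + stub.ljust(58, b"\0")[:58] + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    blob = dos + coff + b"\0" * opt_size + table
    return blob + b"\0" * (raw_ptr - len(blob)) + body


# Constructed samples (not the report's file): stock UPX, UPX with the markers
# renamed/stripped, and an unpacked binary.
NOISE = bytes(range(256)) * 16                       # entropy exactly 8.0
UPX_SAMPLE = build_pe([(b"UPX0", 0x30000, b""), (b"UPX1", 0x9000, NOISE),
                       (b".rsrc", 0x1000, b"\0" * 512)], stub=b"UPX!")
RENAMED_SAMPLE = build_pe([(b".text", 0x30000, b""), (b".data", 0x9000, NOISE),
                           (b".rsrc", 0x1000, b"\0" * 512)])
PLAIN_SAMPLE = build_pe([(b".text", 0x1000, b"\x90" * 1024 + b"\xc3"),
                         (b".data", 0x1000, b"hello world\0" * 100)])

if __name__ == "__main__":
    for label, blob in [("upx", UPX_SAMPLE), ("renamed", RENAMED_SAMPLE), ("plain", PLAIN_SAMPLE)]:
        print(label, [s["name"] for s in parse_sections(blob)], upx_verdict(blob))
```

The "packed_unknown" verdict is deliberately weaker than "upx": an empty first section plus a high-entropy section also describes other packers and some legitimately compressed resources, so it is a reason to unpack and look, not a detection on its own.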

MITRE ATT&CK Enterprise v15

Tasks