General

  • Target

    2efaab5dd78e6cb32c8653ab7f60a6df_JaffaCakes118

  • Size

    44KB

  • Sample

    241009-ltzj3awekq

  • MD5

    2efaab5dd78e6cb32c8653ab7f60a6df

  • SHA1

    8380e76cdb219d0c92dddfcf9e77e0791b5c2813

  • SHA256

    76f0788489351943dafd251e22eb2aebbcdaa4b285323421fc5d119d3e858a6b

  • SHA512

    34cc6d7b530dcc9f84f1ae38be0f73d3ec01983ceee2e52927836aab7fca09a80f5dd2606432cfd9ae3ae0f37b50dcf2aaf21b048fc11298d72c11c57597b358

  • SSDEEP

    768:rBr+tjFKTPEAlfztA1lr6an3sGTrOvm2DfuTwYPI+zoJ1L:FyR0nlri1lr6anXTrOvm2bOQCozL

Malware Config

Extracted

Family

xtremerat

C2

namehost.dyndns.org

Targets

    • Target

      2efaab5dd78e6cb32c8653ab7f60a6df_JaffaCakes118

    • Size

      44KB

    • MD5

      2efaab5dd78e6cb32c8653ab7f60a6df

    • SHA1

      8380e76cdb219d0c92dddfcf9e77e0791b5c2813

    • SHA256

      76f0788489351943dafd251e22eb2aebbcdaa4b285323421fc5d119d3e858a6b

    • SHA512

      34cc6d7b530dcc9f84f1ae38be0f73d3ec01983ceee2e52927836aab7fca09a80f5dd2606432cfd9ae3ae0f37b50dcf2aaf21b048fc11298d72c11c57597b358

    • SSDEEP

      768:rBr+tjFKTPEAlfztA1lr6an3sGTrOvm2DfuTwYPI+zoJ1L:FyR0nlri1lr6anXTrOvm2bOQCozL

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

MITRE ATT&CK Enterprise v15

Tasks