General
-
Target
377cb43a5bc5647eac36dff8b3713443_JaffaCakes118
-
Size
223KB
-
Sample
241012-ac794awcpn
-
MD5
377cb43a5bc5647eac36dff8b3713443
-
SHA1
70601efc8bdbd8bd6983e5fe13017b4050d9a6b8
-
SHA256
a505d36069a5ea5540b180f86b1ec6b64cf82d2ef2b71357f0a67611db38dd91
-
SHA512
0595d2b3cca7fe2992df2cb5abbbdc479de871eee01d8556ca3505b79fdb5eea361a68caac8d0cec32773f2547e4c2d174d72fa62acf4451cad5b4bc1f88a33b
-
SSDEEP
6144:6iA1MnUWO1RNRgm2rgxXv8/o7Ulppd3W/n9ZbU42l74:bAWKRNRhLu/plrdqby
Static task
static1
Behavioral task
behavioral1
Sample
377cb43a5bc5647eac36dff8b3713443_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
377cb43a5bc5647eac36dff8b3713443_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
377cb43a5bc5647eac36dff8b3713443_JaffaCakes118
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-