General

  • Target

    385a53265bdf23b970c5e168a3cc8cd1_JaffaCakes118

  • Size

    344KB

  • Sample

    241012-em36cawhpr

  • MD5

    385a53265bdf23b970c5e168a3cc8cd1

  • SHA1

    e75b2b0710025a63cc48ebc576490211aa544261

  • SHA256

    e3a225f9cd1245ccb32a1d4b3d58bc0087acb08c60c103ba30e9e89c3fe50f4e

  • SHA512

    a7ac15b51637b4f37a1ba561bd338513ea327610b2e67a39fee808031b5b0c2c86cdecf5334b1eb48f2b60a255d9b0bd63e9144e63cfc5ccafe891eba8803a25

  • SSDEEP

    1536:Psq+QV4rObAdXWpf/y+PnXoi0AITLmRcwAuXlVOWaE7c4UvHBqX/z:C44rj/GXoZmSwvXYvHBqXr

Malware Config

Extracted

Family

xtremerat

C2

mmsalti.no-ip.org

Targets

    • Target

      385a53265bdf23b970c5e168a3cc8cd1_JaffaCakes118

    • Size

      344KB

    • MD5

      385a53265bdf23b970c5e168a3cc8cd1

    • SHA1

      e75b2b0710025a63cc48ebc576490211aa544261

    • SHA256

      e3a225f9cd1245ccb32a1d4b3d58bc0087acb08c60c103ba30e9e89c3fe50f4e

    • SHA512

      a7ac15b51637b4f37a1ba561bd338513ea327610b2e67a39fee808031b5b0c2c86cdecf5334b1eb48f2b60a255d9b0bd63e9144e63cfc5ccafe891eba8803a25

    • SSDEEP

      1536:Psq+QV4rObAdXWpf/y+PnXoi0AITLmRcwAuXlVOWaE7c4UvHBqX/z:C44rj/GXoZmSwvXYvHBqXr

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
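
Two things a practitioner does with a report like this are confirm that the file in hand is the one the report describes, and reproduce the packer verdict before unpacking. The script below is an added example, not code from the Triage report or from XtremeRAT: it checks a byte string against the hashes listed above and applies the usual UPX heuristic (UPX0/UPX1/UPX2 section names plus the "UPX!" marker that stock UPX writes after the headers). The section-name heuristic is an assumption about how the page's signature works, not its actual rule; modified UPX builds often rename sections, which is why the marker is checked separately. The build_minimal_pe helper constructs a header-only stand-in for testing and is not the sample itself.

```python
"""Offline triage helpers for the sample described on this page.

Added example, not code from the Triage report or from XtremeRAT itself.
Two checks: (1) compare a file's hashes with the IOCs listed above, and
(2) look for UPX packing the way a "UPX packed file" signature might,
by reading the PE section table and scanning for the UPX! marker.
"""
import hashlib
import struct

# Hash values copied from the report above.
REPORT_HASHES = {
    "md5": "385a53265bdf23b970c5e168a3cc8cd1",
    "sha1": "e75b2b0710025a63cc48ebc576490211aa544261",
    "sha256": "e3a225f9cd1245ccb32a1d4b3d58bc0087acb08c60c103ba30e9e89c3fe50f4e",
    "sha512": "a7ac15b51637b4f37a1ba561bd338513ea327610b2e67a39fee808031b5b0c2c"
              "86cdecf5334b1eb48f2b60a255d9b0bd63e9144e63cfc5ccafe891eba8803a25",
}


def file_hashes(data):
    """Return md5/sha1/sha256/sha512 hex digests of the given bytes."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data):
    """True only if every listed hash agrees; one mismatch means a different file."""
    computed = file_hashes(data)
    return all(computed[k] == v for k, v in REPORT_HASHES.items())


def pe_section_names(data):
    """Parse the PE section table and return section names in order.

    Raises ValueError for anything that is not a PE file.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size             # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def upx_evidence(data):
    """List the UPX indicators found; empty list means no UPX signs (or not a PE).

    Stock UPX names its sections UPX0/UPX1/UPX2 and writes a 'UPX!' marker
    after the headers; modified builds often rename sections, so the marker
    is checked independently. (Assumed heuristic, not the page's signature.)
    """
    try:
        names = pe_section_names(data)
    except ValueError:
        return []
    found = []
    upx_sections = [n for n in names if n.startswith("UPX")]
    if upx_sections:
        found.append("sections: " + ",".join(upx_sections))
    if b"UPX!" in data:
        found.append("UPX! marker")
    return found


def build_minimal_pe(section_names, trailer=b""):
    """Constructed header-only PE stand-in for testing; it cannot run and
    is not the sample from this page."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_header = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)   # PE32, zeroed
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       len(opt_header), 0x0102)
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                        for n in section_names)
    return dos + b"PE\0\0" + coff + opt_header + sections + trailer


if __name__ == "__main__":
    packed = build_minimal_pe(["UPX0", "UPX1", ".rsrc"], b"UPX!")
    print("sections:", pe_section_names(packed))
    print("upx evidence:", upx_evidence(packed))
    print("matches report:", matches_report(packed))
```

To use it on a real file, read the bytes and call matches_report before anything else; a hash mismatch means the report's findings (the extracted C2 included) do not necessarily apply to the file you have. An empty upx_evidence result does not rule out packing, since both the section names and the marker can be stripped.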

MITRE ATT&CK Enterprise v15

Tasks