General
Target: 385a53265bdf23b970c5e168a3cc8cd1_JaffaCakes118
Size: 344KB
Sample: 241012-em36cawhpr
MD5: 385a53265bdf23b970c5e168a3cc8cd1
SHA1: e75b2b0710025a63cc48ebc576490211aa544261
SHA256: e3a225f9cd1245ccb32a1d4b3d58bc0087acb08c60c103ba30e9e89c3fe50f4e
SHA512: a7ac15b51637b4f37a1ba561bd338513ea327610b2e67a39fee808031b5b0c2c86cdecf5334b1eb48f2b60a255d9b0bd63e9144e63cfc5ccafe891eba8803a25
SSDEEP: 1536:Psq+QV4rObAdXWpf/y+PnXoi0AITLmRcwAuXlVOWaE7c4UvHBqX/z:C44rj/GXoZmSwvXYvHBqXr
Behavioral task: behavioral1
Sample: 385a53265bdf23b970c5e168a3cc8cd1_JaffaCakes118.exe
Resource: win7-20240708-en
Malware Config
Extracted
xtremerat
mmsalti.no-ip.org
Targets
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.