General

  • Target: 5219060c2a3fe7a514ea55618693cd16_JaffaCakes118
  • Size: 33KB
  • Sample: 241017-pyj7qaxglf
  • MD5: 5219060c2a3fe7a514ea55618693cd16
  • SHA1: 30b18febea66f24cdb1a4ab884c75e74e1632250
  • SHA256: a640568f9fda7b39974b602ebe3295cbb224e03cde02acaad689526a42815307
  • SHA512: 03abae93ac6db5caf01bf469d1ecf37da7422dac7b0a0daeefd224a6d0ab19820436d2ded10b4070e56d7b07d7a6e14bd911b4970cf9b1eb5967352cdc3ddcde
  • SSDEEP: 768:TMuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lPtz2J6mzP+:oNW71rcYDAWeotvXlVAD

Malware Config (extracted)

  • Family: xtremerat
  • C2: hamadakaboo2020.no-ip.org

Targets


    • Detect XtremeRAT payload

    • XtremeRAT: XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file: Detects executables packed with UPX or a modified build of the open-source UPX packer.

MITRE ATT&CK Enterprise v15
