General

  • Target

    5668021d9553742d586601e2bbf615d7_JaffaCakes118

  • Size

    62KB

  • Sample

    241018-kbf5bswhmh

  • MD5

    5668021d9553742d586601e2bbf615d7

  • SHA1

    6e7b88125d0c04470f33cbf34a422111d9be13a9

  • SHA256

    dc11e60248861f006b4cf21a1b4a9d89debc9f5da5f10a83452ca2db2b98e4cc

  • SHA512

    c2cb5f20944a1ba23246361545b2ff70cbc0801cbb36dc7337965b3cd98252acf140da1446d4a551bb499c9a0f102aeb55e4b7ee3b46f69a71a78acf9936f054

  • SSDEEP

    1536:sT8qDqQ8K9MK3tGjbNwPZ6oAXHWTl5NX3mBQ:SqMyKdcZXHW53

Malware Config

Extracted

Family

xtremerat

C2

11hack1.no-ip.biz

11hack11.no-ip.biz

饼⣨.jouba.no-ip.biz
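The extracted C2 list is only useful once each hostname has been validated and the dynamic-DNS account behind it identified: the third entry is garbled in the report (its first label is not a legal DNS label) and should not be shipped as an indicator as-is. The block below is an added example, not part of the sandbox report or of the sandbox's own tooling. It validates each hostname against RFC 1123 label rules, tags known dynamic-DNS suffixes so the operator's registered name (e.g. `11hack1`, `jouba`) can be used as a pivot, and matches the usable indicators against DNS query logs. The DDNS suffix list and the log lines are constructed assumptions.

```python
import re

# Constructed from the C2 entries extracted above; the third entry is kept
# verbatim to show how a garbled hostname is rejected rather than deployed.
EXTRACTED_C2 = [
    "11hack1.no-ip.biz",
    "11hack11.no-ip.biz",
    "饼⣨.jouba.no-ip.biz",
]

# Assumed list of dynamic-DNS suffixes commonly abused by commodity RATs
# (not taken from the report).
DDNS_SUFFIXES = (
    "no-ip.biz", "no-ip.org", "no-ip.com", "ddns.net",
    "zapto.org", "hopto.org", "dyndns.org",
)

# RFC 1123 label: 1-63 ASCII letters/digits/hyphens, no leading/trailing hyphen.
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def check_hostname(host: str) -> dict:
    """Validate one extracted hostname and annotate its DDNS provenance."""
    host = host.strip().rstrip(".")
    labels = host.split(".")
    result = {"host": host, "valid": True, "reason": "",
              "ddns_suffix": None, "ddns_name": None}
    if len(host) > 253 or len(labels) < 2:
        result.update(valid=False, reason="not a fully qualified hostname")
        return result
    for label in labels:
        if not label.isascii():
            result.update(valid=False, reason=(
                f"non-ASCII label {label!r}: likely config-decryption or "
                "extraction garbage, not a usable IOC"))
            break
        if not LABEL_RE.match(label):
            result.update(valid=False, reason=f"invalid label {label!r}")
            break
    lower = host.lower()
    for suffix in DDNS_SUFFIXES:
        if lower == suffix or lower.endswith("." + suffix):
            result["ddns_suffix"] = suffix
            prefix = lower[: -len(suffix) - 1]
            # The label directly under the provider suffix is the name the
            # operator registered with the DDNS service; useful pivot even
            # when the full hostname is garbled.
            result["ddns_name"] = prefix.split(".")[-1] if prefix else None
            break
    return result


def triage_c2(hosts):
    """Split extracted C2 hostnames into usable indicators and rejects."""
    usable, rejected = [], []
    for h in hosts:
        r = check_hostname(h)
        (usable if r["valid"] else rejected).append(r)
    return usable, rejected


# Constructed DNS query log lines (key=value format is an assumption).
DNS_LOG = [
    "2024-10-18T10:01:02Z src=10.0.0.5 query=11hack1.no-ip.biz type=A",
    "2024-10-18T10:01:03Z src=10.0.0.5 query=update.microsoft.com type=A",
    "2024-10-18T10:01:09Z src=10.0.0.7 query=11HACK11.no-ip.biz. type=A",
]


def match_dns_log(lines, indicators):
    """Return (line_no, queried_name, matched_indicator) for each hit.

    Matches are case-insensitive, tolerate a trailing dot, and include any
    subdomain of an indicator.
    """
    hits = []
    for n, line in enumerate(lines, 1):
        m = re.search(r"query=(\S+)", line)
        if not m:
            continue
        q = m.group(1).lower().rstrip(".")
        for ind in indicators:
            h = ind["host"].lower()
            if q == h or q.endswith("." + h):
                hits.append((n, q, h))
                break
    return hits


if __name__ == "__main__":
    usable, rejected = triage_c2(EXTRACTED_C2)
    for r in rejected:
        print("REJECT", r["host"], "->", r["reason"], "| ddns_name:", r["ddns_name"])
    for hit in match_dns_log(DNS_LOG, usable):
        print("HIT", hit)
```

The rejected entry still yields `jouba` as the DDNS-registered name, which is worth hunting for on its own (`jouba.no-ip.biz`) even though the full hostname cannot be trusted.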

Targets

    • Target

      5668021d9553742d586601e2bbf615d7_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

MITRE ATT&CK Enterprise v15

Tasks