General

  • Target

    966b2629b0076cefc1fd28f42c4ef00d_JaffaCakes118

  • Size

    31KB

  • Sample

    241124-wzkcfasmbz

  • MD5

    966b2629b0076cefc1fd28f42c4ef00d

  • SHA1

    77521dd8fa172ae6c2fd47342a69885fc1c553ab

  • SHA256

    ecc9a9cf4a6f9e4828ae8b5209a4a7069a5c50d8b6eb99ac03626d4987b8a976

  • SHA512

    a2979ba504af91bccc62da0df2b79c3fc798d95af93228bb0c2e36798dc9daccec4a29c78a18db6974f78bc0ee10ccffa13edfafeded4e2d3050feede7e08230

  • SSDEEP

    768:FsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jXNO9LOlL5:uNW70x6ALBwvElL5

Malware Config

Extracted

Family

xtremerat

C2

semih34.no-ip.biz

Targets

    • Target

      966b2629b0076cefc1fd28f42c4ef00d_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, has been available since at least 2010, and is written in Delphi.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.
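
A static check matching the UPX signature above, added here as an example rather than anything from the sandbox or the sample: it parses the PE section table (following the published PE/COFF layout) and reports the independent UPX signals (UPX0/UPX1 section names, the UPX! pack-header marker left in header slack, an empty first section that is large in memory, high-entropy raw data), plus a hash helper to confirm a sample on disk against the report's digests. The PE images it runs on are constructed in memory for the demonstration; the section layout, the 7.0 bits/byte entropy threshold and the helper names are assumptions of this example, not part of the report.

```python
"""Added example (not from the sandbox report): static checks for a UPX-style
packed PE.  The PE images below are constructed fixtures, not the sample."""
import hashlib
import math
import struct
from collections import Counter

SECTION_HEADER_SIZE = 40
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"          # pack-header marker UPX leaves in header slack
HIGH_ENTROPY = 7.0           # bits/byte; compressed data sits close to 8 (assumed threshold)
REPORT_SHA256 = "ecc9a9cf4a6f9e4828ae8b5209a4a7069a5c50d8b6eb99ac03626d4987b8a976"  # from the report


def compute_hashes(data):
    """Digests in the same set the report lists, for confirming a sample on disk."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data):
    return compute_hashes(data)["sha256"] == REPORT_SHA256


def shannon_entropy(buf):
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def parse_sections(data):
    """Walk DOS header -> PE signature -> COFF header -> section table.
    Returns (sections, file offset just past the section table)."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    (n_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size
    sections = []
    for i in range(n_sections):
        name, vsize, vaddr, raw_size, raw_ptr = struct.unpack_from(
            "<8sIIII", data, table + i * SECTION_HEADER_SIZE)
        sections.append({"name": name.rstrip(b"\0"), "virtual_size": vsize,
                         "virtual_address": vaddr, "raw_size": raw_size,
                         "raw_ptr": raw_ptr})
    return sections, table + n_sections * SECTION_HEADER_SIZE


def upx_indicators(data):
    """List the UPX-style packing signals present.  Several independent signals
    are checked because a modified UPX may rename sections or strip the marker."""
    sections, table_end = parse_sections(data)
    hits = []
    if {s["name"] for s in sections} & UPX_SECTION_NAMES:
        hits.append("upx_section_names")
    first_raw = min((s["raw_ptr"] for s in sections if s["raw_size"]), default=len(data))
    if UPX_MAGIC in data[table_end:first_raw]:          # slack between table and data
        hits.append("upx_header_magic")
    # UPX's first section is the unpack destination: large in memory, zero bytes on disk
    if sections and sections[0]["raw_size"] == 0 and sections[0]["virtual_size"]:
        hits.append("empty_first_section")
    ent = max((shannon_entropy(data[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]])
               for s in sections if s["raw_size"]), default=0.0)
    if ent >= HIGH_ENTROPY:
        hits.append("high_entropy_section")
    return hits


# ---- constructed fixtures (not real executables) ---------------------------
def _section(name, vsize, vaddr, raw_size, raw_ptr):
    return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, raw_size, raw_ptr,
                       0, 0, 0, 0, 0xE0000060)


def build_pe(section_headers, raw_blobs, header_slack=b""):
    """Minimal PE32 image: DOS stub, PE sig, COFF, 224-byte optional header,
    section table, optional slack, then raw section data starting at 0x200."""
    hdr = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                   # e_lfanew
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_headers), 0, 0, 0, 224, 0x0102)
    hdr += struct.pack("<H", 0x10B) + b"\0" * 222                         # PE32 optional header
    hdr += b"".join(section_headers) + header_slack
    return hdr.ljust(0x200, b"\0") + b"".join(raw_blobs)


def _pseudo_random(n, seed=b"fixture"):
    out, block = b"", seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return out[:n]


PACKED_FIXTURE = build_pe(
    [_section(b"UPX0", 0x10000, 0x1000, 0, 0),
     _section(b"UPX1", 0x2000, 0x11000, 0x1000, 0x200),
     _section(b".rsrc", 0x200, 0x13000, 0x200, 0x1200)],
    [_pseudo_random(0x1000), b"\0" * 0x200],
    header_slack=UPX_MAGIC)

BENIGN_FIXTURE = build_pe(
    [_section(b".text", 0x1000, 0x1000, 0x1000, 0x200),
     _section(b".data", 0x200, 0x2000, 0x200, 0x1200)],
    [b"\x90\xC3" * 0x800, b"\0" * 0x200])

if __name__ == "__main__":
    for label, image in (("packed", PACKED_FIXTURE), ("benign", BENIGN_FIXTURE)):
        print(label, upx_indicators(image), "matches report:", matches_report(image))
```

Treat the section-name and UPX! checks as corroborating only: a modified UPX build can rename sections and strip the marker, while the empty-first-section shape and high entropy survive most such edits. Any of these signals says "packed", not "XtremeRAT"; the family attribution on this page comes from the extracted config, so confirm it from the unpacked payload rather than from packer artefacts.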

MITRE ATT&CK Enterprise v15

Tasks