General
Target: c7b74b9600b9001ef416141e4343ce52_JaffaCakes118
Size: 31KB
Sample: 241205-pq548avkes
MD5: c7b74b9600b9001ef416141e4343ce52
SHA1: 024eccafad18bd1e7b39cbc69e514ff2622a1504
SHA256: c9198b50e234c46c77dcc7681ccd8ba2420ad9f73b9af3024270a5768af2e2ac
SHA512: 71d94bc44b9a37d991f949f4b941e9dcf3200d3386959489ae5700c0ce033a0add89d5271b2d6426b5e20c9f8ec48d87e0b5f34c267706c58a80817f55ef8b2a
SSDEEP: 768:xsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jU+mDjM:6NW70x6ALBwZ+A
Behavioral task
behavioral1
Sample
c7b74b9600b9001ef416141e4343ce52_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
xtremerat
laylaylom.no-ip.com
Targets
-
-
Target
c7b74b9600b9001ef416141e4343ce52_JaffaCakes118
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-