General

  • Target

    c7b74b9600b9001ef416141e4343ce52_JaffaCakes118

  • Size

    31KB

  • Sample

    241205-pq548avkes

  • MD5

    c7b74b9600b9001ef416141e4343ce52

  • SHA1

    024eccafad18bd1e7b39cbc69e514ff2622a1504

  • SHA256

    c9198b50e234c46c77dcc7681ccd8ba2420ad9f73b9af3024270a5768af2e2ac

  • SHA512

    71d94bc44b9a37d991f949f4b941e9dcf3200d3386959489ae5700c0ce033a0add89d5271b2d6426b5e20c9f8ec48d87e0b5f34c267706c58a80817f55ef8b2a

  • SSDEEP

    768:xsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jU+mDjM:6NW70x6ALBwZ+A

Malware Config

Extracted

Family

xtremerat

C2

laylaylom.no-ip.com

Targets

    • Target

      c7b74b9600b9001ef416141e4343ce52_JaffaCakes118

    • Size

      31KB

    • MD5

      c7b74b9600b9001ef416141e4343ce52

    • SHA1

      024eccafad18bd1e7b39cbc69e514ff2622a1504

    • SHA256

      c9198b50e234c46c77dcc7681ccd8ba2420ad9f73b9af3024270a5768af2e2ac

    • SHA512

      71d94bc44b9a37d991f949f4b941e9dcf3200d3386959489ae5700c0ce033a0add89d5271b2d6426b5e20c9f8ec48d87e0b5f34c267706c58a80817f55ef8b2a

    • SSDEEP

      768:xsuijtHf5g7/MjN3Ha4LWqY+5cpSMuRRRzv4/+5jU+mDjM:6NW70x6ALBwZ+A

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks