General
Target: c8c12d2ad439b971990f83e6be13ddee_JaffaCakes118
Size: 171KB
Sample: 241205-v9s7na1lem
MD5: c8c12d2ad439b971990f83e6be13ddee
SHA1: 3f79e1bad60d4fd67da1de63b27d1d2fd9206a56
SHA256: d4c1fe761bfb519ae1b14d1c80747d96d586ce4884642306baa26bb6fc0a14fb
SHA512: feb0d64d6e492104823ed9351d3f3a9a61948a23cc52d0f9a91add07773945ea183e6bae65b925e18c00f48f976e78c2997b6140836ecfad8efda2c87136f598
SSDEEP: 3072:eNW7dEvotvXNK0+LRP8IQzsc/VFyYrnlcXU2LwvuD6SMoBOUHejaQ+Fa4dske+Km:eNW7mvIIFd0IQXWYRkL4uWdo4UHejh20

Behavioral task: behavioral1
Sample: c8c12d2ad439b971990f83e6be13ddee_JaffaCakes118.exe
Resource: win7-20240729-en
Malware Config
Extracted
xtremerat
mhmhaker20.no-ip.org
Targets
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Drops file in System32 directory
-