General

  • Target

    c8c12d2ad439b971990f83e6be13ddee_JaffaCakes118

  • Size

    171KB

  • MD5

    c8c12d2ad439b971990f83e6be13ddee

  • SHA1

    3f79e1bad60d4fd67da1de63b27d1d2fd9206a56

  • SHA256

    d4c1fe761bfb519ae1b14d1c80747d96d586ce4884642306baa26bb6fc0a14fb

  • SHA512

    feb0d64d6e492104823ed9351d3f3a9a61948a23cc52d0f9a91add07773945ea183e6bae65b925e18c00f48f976e78c2997b6140836ecfad8efda2c87136f598

  • SSDEEP

    3072:eNW7dEvotvXNK0+LRP8IQzsc/VFyYrnlcXU2LwvuD6SMoBOUHejaQ+Fa4dske+Km:eNW7mvIIFd0IQXWYRkL4uWdo4UHejh20

Score
10/10

Malware Config

Signatures

  • Detect XtremeRAT payload (1 IoC)
  • Xtremerat family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • c8c12d2ad439b971990f83e6be13ddee_JaffaCakes118
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

