General

  • Target

    d043f850f783285f65e0b99169e55c47_JaffaCakes118

  • Size

    33KB

  • Sample

    241207-c4vjesxlhq

  • MD5

    d043f850f783285f65e0b99169e55c47

  • SHA1

    3a9770a44ed0d76e39ec06b3ba4e28303ca67d2c

  • SHA256

    bafe0a453cd1e5837409d43a4fe190b0f3124b1e2b60cc1c644861e110e486d8

  • SHA512

    0119cc3c45458595cf60d0d7d5cee6326732c1810d86af27dbcbb69dd93ad051ec069ea6744180e6352264f0ed3a39c968508abdf0b6ab5009dd7d83db09a103

  • SSDEEP

    768:XMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgRrXA4+FII:8NW71rcYDAWeoDrsaA/FI

Malware Config

Extracted

  • Family

    xtremerat

  • C2

    halahala.zapto.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks