General
-
Target
d8fe93ced1df19c7f352ddad84dcc771_JaffaCakes118
-
Size
1.0MB
-
Sample
241209-lnempsykdn
-
MD5
d8fe93ced1df19c7f352ddad84dcc771
-
SHA1
e00fd8f15905821de5ffb0c0686530d06deb3211
-
SHA256
21780285d5f3f1e205884c482d452bd4eb55e492613d9d5dda1097f96e122f6d
-
SHA512
2f65bb2e35dacc2fb1ec4a74a77868d13ba22d1d6350ea31488b704a5283ecd30ef622d966867f7a4bc76a0e137293887384613cd9c5f396c468c4b8261c99df
-
SSDEEP
6144:4ORUQxcBKTxd5udhiNoG27CBNC7CBNGFul7EXgORUQxcBKTxd5udhiNo:4ORUw27+C7+57OgORU
Static task
static1
Behavioral task
behavioral1
Sample
d8fe93ced1df19c7f352ddad84dcc771_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
d8fe93ced1df19c7f352ddad84dcc771_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
d8fe93ced1df19c7f352ddad84dcc771_JaffaCakes118
-
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Suspicious use of SetThreadContext
-