General

  • Target

    d8fe93ced1df19c7f352ddad84dcc771_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241209-lnempsykdn

  • MD5

    d8fe93ced1df19c7f352ddad84dcc771

  • SHA1

    e00fd8f15905821de5ffb0c0686530d06deb3211

  • SHA256

    21780285d5f3f1e205884c482d452bd4eb55e492613d9d5dda1097f96e122f6d

  • SHA512

    2f65bb2e35dacc2fb1ec4a74a77868d13ba22d1d6350ea31488b704a5283ecd30ef622d966867f7a4bc76a0e137293887384613cd9c5f396c468c4b8261c99df

  • SSDEEP

    6144:4ORUQxcBKTxd5udhiNoG27CBNC7CBNGFul7EXgORUQxcBKTxd5udhiNo:4ORUw27+C7+57OgORU

Malware Config

Targets

    • Target

      d8fe93ced1df19c7f352ddad84dcc771_JaffaCakes118

    • Size

      1.0MB

    • MD5

      d8fe93ced1df19c7f352ddad84dcc771

    • SHA1

      e00fd8f15905821de5ffb0c0686530d06deb3211

    • SHA256

      21780285d5f3f1e205884c482d452bd4eb55e492613d9d5dda1097f96e122f6d

    • SHA512

      2f65bb2e35dacc2fb1ec4a74a77868d13ba22d1d6350ea31488b704a5283ecd30ef622d966867f7a4bc76a0e137293887384613cd9c5f396c468c4b8261c99df

    • SSDEEP

      6144:4ORUQxcBKTxd5udhiNoG27CBNC7CBNGFul7EXgORUQxcBKTxd5udhiNo:4ORUw27+C7+57OgORU

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • Xtremerat family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks