General
-
Target
d94993f5de32a5e4fa409c543231c9e0_JaffaCakes118
-
Size
756KB
-
Sample
241209-m32apazmdp
-
MD5
d94993f5de32a5e4fa409c543231c9e0
-
SHA1
41b4eee0c49086e7194dd4c9a32f4164b6909fa6
-
SHA256
cea86211416777d63d51af1a9110b4d47a66a4cd1d1c29c66383c71e64f8cfaf
-
SHA512
4fe8b39e8241b8258e6acc89aa2cc55f78eaf7152a4b4a8b16e9b33320e8ceb24461b92c2a7874300af7d9625e74306ed41b941ffcb7130a52689c9c546f354d
-
SSDEEP
6144:ajYk6uqCv2D6QVybFmMVSd6hqgIyIXkoYgnETmUZ0X+krjEmOSDeQEB0pIqOrIEi:VluZv2G7b7IyIGEITUHR
Static task
static1
Behavioral task
behavioral1
Sample
d94993f5de32a5e4fa409c543231c9e0_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
xtremerat
rezzknight33.zapto.org
Targets
-
-
Target
d94993f5de32a5e4fa409c543231c9e0_JaffaCakes118
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Suspicious use of SetThreadContext
-