General

  • Target

    d9b393d1ef2427891bc7e4b16a357e26_JaffaCakes118

  • Size

    471KB

  • Sample

    241209-p22wyaxphw

  • MD5

    d9b393d1ef2427891bc7e4b16a357e26

  • SHA1

    dba9d287db91ab58da8f7b612ed9294039eb5029

  • SHA256

    7dc0f4bfdf1e921511077402ef5ba60205332fb8d46ac2e6056d89c6c2199322

  • SHA512

    0f271f01c101313ced400a0adcf8ce708835ee7070836e7125023ea3674a7774bf79ddf8901b929fcd0439bf70b5f9035765cfa21390e131401da7ebc9bfb163

  • SSDEEP

    6144:uG1eQn11Gba5LIkA29UQ7kU68Y+IJFh7DtswNgFWvAUzs2IoXnr59B1iB0YapS+T:h/11G/Opk6CZD2dWoUzs1o3rXB1HD

Malware Config

Targets

    • Target

      d9b393d1ef2427891bc7e4b16a357e26_JaffaCakes118

    • Size

      471KB

    • MD5

      d9b393d1ef2427891bc7e4b16a357e26

    • SHA1

      dba9d287db91ab58da8f7b612ed9294039eb5029

    • SHA256

      7dc0f4bfdf1e921511077402ef5ba60205332fb8d46ac2e6056d89c6c2199322

    • SHA512

      0f271f01c101313ced400a0adcf8ce708835ee7070836e7125023ea3674a7774bf79ddf8901b929fcd0439bf70b5f9035765cfa21390e131401da7ebc9bfb163

    • SSDEEP

      6144:uG1eQn11Gba5LIkA29UQ7kU68Y+IJFh7DtswNgFWvAUzs2IoXnr59B1iB0YapS+T:h/11G/Opk6CZD2dWoUzs1o3rXB1HD

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified UPX build.
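
The hashes listed above and the UPX signature are what a responder uses to confirm that a file on disk is the same sample this report describes. The script below is an added example and is not part of the sandbox report or its signature set: it recomputes the four published digests over a file and compares them to the report's values, then applies the stock-UPX heuristic (UPX section names in the PE section table, or the `UPX!` header magic). The `REPORTED` digests are copied from the report; `build_minimal_pe` produces a constructed, non-executable PE skeleton used only as test input, and all function names are choices of this example. A modified UPX build that renames its sections and strips the magic will pass this heuristic undetected, which is why the sandbox signature separately names "modified UPX".

```python
"""Re-verify a sample against the report's published hashes and apply a stock-UPX heuristic.

Added example, not part of the sandbox report.  Usage: python verify_sample.py <path-to-sample>
"""
import hashlib
import struct
import sys

# Digests copied from the report above.
REPORTED = {
    "md5": "d9b393d1ef2427891bc7e4b16a357e26",
    "sha1": "dba9d287db91ab58da8f7b612ed9294039eb5029",
    "sha256": "7dc0f4bfdf1e921511077402ef5ba60205332fb8d46ac2e6056d89c6c2199322",
    "sha512": "0f271f01c101313ced400a0adcf8ce708835ee7070836e7125023ea3674a7774bf79ddf8901b929fcd0439bf70b5f9035765cfa21390e131401da7ebc9bfb163",
}

# Section names the stock UPX packer writes into the PE section table.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def hash_bytes(data: bytes) -> dict:
    """Compute the same four digests the report publishes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORTED}


def matches_report(data: bytes, reported: dict = REPORTED) -> dict:
    """Per-algorithm comparison; a single mismatch means this is not the reported sample."""
    computed = hash_bytes(data)
    return {alg: computed[alg] == reported[alg] for alg in reported}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> e_lfanew -> PE signature -> COFF header -> section table; [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if len(data) < e_lfanew + 24 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)   # COFF NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)      # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                                  # section table follows the optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40 : table + i * 40 + 8]               # IMAGE_SECTION_HEADER is 40 bytes, Name is 8
        if len(raw) < 8:
            break  # truncated section table
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock-UPX heuristic: UPX section names or the 'UPX!' header magic.
    Modified UPX builds commonly rename the sections and strip the magic, so a False here is not proof of no packing."""
    names = set(pe_section_names(data))
    return bool(names & UPX_SECTION_NAMES) or b"UPX!" in data


def build_minimal_pe(section_names) -> bytes:
    """Constructed test input (assumption of this example): DOS header, PE signature, COFF header and a
    section table with the given names.  SizeOfOptionalHeader is 0, so the table directly follows COFF.
    The result is not a loadable binary; it only exercises pe_section_names()."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + table


def verify_file(path: str) -> dict:
    """Read a file and report hash agreement with the published digests plus the packing heuristic."""
    with open(path, "rb") as f:
        data = f.read()
    return {
        "hashes": matches_report(data),
        "upx_heuristic": looks_upx_packed(data),
        "sections": pe_section_names(data),
    }


if __name__ == "__main__":
    print(verify_file(sys.argv[1]))
```

Any `False` in the `hashes` map means the file is not the reported sample (a re-packed or patched copy changes every digest), and the SSDEEP value from the report is the one to fall back on for near-match triage, which this script does not compute.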

MITRE ATT&CK Enterprise v15

Tasks