General

  • Target

    da5d72712a8d1b531ae74b2732c0a861_JaffaCakes118

  • Size

    180KB

  • Sample

    241209-s7xqysspcw

  • MD5

    da5d72712a8d1b531ae74b2732c0a861

  • SHA1

    31de5cbbdaafee0f001d843b0e8ceeffd444c223

  • SHA256

    273e8db4056fe44b972e1abff929a768d3a02d9361737415c85c7d80e4ed8465

  • SHA512

    273830850b37fd855e2c55194a88cad33574e626bbc0b82af608ca7c693554eb137cdc2fbf534eb68c14b7220dfa6b9ff1b354d7371a5805a4fa23530cda5291

  • SSDEEP

    3072:LaDNI+FjNTjuO8zYkS6P+pmjVItNz/jO71r06JvJiPn29D+55HSk99XJcTphigTz:g2MjNWspjNHSkPOFyY

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks