General
-
Target
da5d72712a8d1b531ae74b2732c0a861_JaffaCakes118
-
Size
180KB
-
Sample
241209-s7xqysspcw
-
MD5
da5d72712a8d1b531ae74b2732c0a861
-
SHA1
31de5cbbdaafee0f001d843b0e8ceeffd444c223
-
SHA256
273e8db4056fe44b972e1abff929a768d3a02d9361737415c85c7d80e4ed8465
-
SHA512
273830850b37fd855e2c55194a88cad33574e626bbc0b82af608ca7c693554eb137cdc2fbf534eb68c14b7220dfa6b9ff1b354d7371a5805a4fa23530cda5291
-
SSDEEP
3072:LaDNI+FjNTjuO8zYkS6P+pmjVItNz/jO71r06JvJiPn29D+55HSk99XJcTphigTz:g2MjNWspjNHSkPOFyY
Static task
static1
Behavioral task
behavioral1
Sample
da5d72712a8d1b531ae74b2732c0a861_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
da5d72712a8d1b531ae74b2732c0a861_JaffaCakes118
-
Size
180KB
-
MD5
da5d72712a8d1b531ae74b2732c0a861
-
SHA1
31de5cbbdaafee0f001d843b0e8ceeffd444c223
-
SHA256
273e8db4056fe44b972e1abff929a768d3a02d9361737415c85c7d80e4ed8465
-
SHA512
273830850b37fd855e2c55194a88cad33574e626bbc0b82af608ca7c693554eb137cdc2fbf534eb68c14b7220dfa6b9ff1b354d7371a5805a4fa23530cda5291
-
SSDEEP
3072:LaDNI+FjNTjuO8zYkS6P+pmjVItNz/jO71r06JvJiPn29D+55HSk99XJcTphigTz:g2MjNWspjNHSkPOFyY
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Xtremerat family
-
Suspicious use of SetThreadContext
-