General

  • Target

    ddc94e6206bb75cd6426e1d38883b0ae_JaffaCakes118

  • Size

    33KB

  • Sample

    241210-jy491avmfq

  • MD5

    ddc94e6206bb75cd6426e1d38883b0ae

  • SHA1

    0f3fa9260e4f24f2b79cb3ae7106d304c1d7a3c0

  • SHA256

    b7feab92f719dbc4133fac9e7822b0fa986447c189464bb80eca4dcb21b7596c

  • SHA512

    b08acdf60af4f2cb53c645ac823a5021b2e8efe651c25b867304788b58d45c4f4e7b180997abb67a09d29b48be25c2a84ba28507e2bd684975ac5bc03d2ea48e

  • SSDEEP

    768:7MuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lm0OT51bd0tD:ANW71rcYDAWeotvXlnOT5NS

Malware Config

Extracted

Family

xtremerat

C2

hacker123123.no-ip.biz

Targets

    • Target

      ddc94e6206bb75cd6426e1d38883b0ae_JaffaCakes118

    • Size

      33KB

    • MD5

      ddc94e6206bb75cd6426e1d38883b0ae

    • SHA1

      0f3fa9260e4f24f2b79cb3ae7106d304c1d7a3c0

    • SHA256

      b7feab92f719dbc4133fac9e7822b0fa986447c189464bb80eca4dcb21b7596c

    • SHA512

      b08acdf60af4f2cb53c645ac823a5021b2e8efe651c25b867304788b58d45c4f4e7b180997abb67a09d29b48be25c2a84ba28507e2bd684975ac5bc03d2ea48e

    • SSDEEP

      768:7MuijtHf5g7/IIG3bGcYDBSvFIWuePQtv66lm0OT51bd0tD:ANW71rcYDAWeotvXlnOT5NS

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks