General

  • Target

    de5c7a14a6532fade204381d5f2ced48_JaffaCakes118

  • Size

    62KB

  • Sample

    241210-ymw7kswnfz

  • MD5

    de5c7a14a6532fade204381d5f2ced48

  • SHA1

    71378c25cc291dbd6e38e223bbe55222275a42bc

  • SHA256

    a6a4aedbcb4517bc7e89dd8b1760b00ea815e613f213660510b24850fb3807e2

  • SHA512

    befe42d4ed3083303c868142873fa4cc48fa9c9927987a6f02d0f0e526d4a070a9c7f33f0de083c0f90b79b5a2d8366d58a9abfd38dc4b2d6f028437c1c3f4d4

  • SSDEEP

    1536:j8qDqQMKgMK3tpbNwPZ6ZDeXHWwleNX3G:jqcXKdVjeXHWeD

Malware Config

Extracted

Family

xtremerat

C2

updatsys.sytes.net

Targets

    • Target

      de5c7a14a6532fade204381d5f2ced48_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family
