General
-
Target
df66f0ca4eedda1c0153aff63743f95f_JaffaCakes118
-
Size
82KB
-
Sample
241211-b5q2yszkht
-
MD5
df66f0ca4eedda1c0153aff63743f95f
-
SHA1
8b135e7c16dd6035df7bbc07e94330a590138e58
-
SHA256
76b19c816680d2463447e55ff6e05a54de6152e20954df549f058392919fc6c4
-
SHA512
cdf3de415da553c582fb7693bada6eaabf54bc9fd61cbffda482e1078de22edb75ac2a09b5368cb4ce925ad7725904fd3af17f989320a096da84b717dec669e8
-
SSDEEP
1536:dSfWkjK0aKqqVs9WzJmv/DdSeWJxfnsf0Zop/m+mxyxHsItTedbDVO7wGU0BM/eh:d4D20kqa9WdmnDYTPsf0Zow+m0lttCdG
Static task
static1
Behavioral task
behavioral1
Sample
df66f0ca4eedda1c0153aff63743f95f_JaffaCakes118.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
df66f0ca4eedda1c0153aff63743f95f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
df66f0ca4eedda1c0153aff63743f95f_JaffaCakes118
-
Size
82KB
-
MD5
df66f0ca4eedda1c0153aff63743f95f
-
SHA1
8b135e7c16dd6035df7bbc07e94330a590138e58
-
SHA256
76b19c816680d2463447e55ff6e05a54de6152e20954df549f058392919fc6c4
-
SHA512
cdf3de415da553c582fb7693bada6eaabf54bc9fd61cbffda482e1078de22edb75ac2a09b5368cb4ce925ad7725904fd3af17f989320a096da84b717dec669e8
-
SSDEEP
1536:dSfWkjK0aKqqVs9WzJmv/DdSeWJxfnsf0Zop/m+mxyxHsItTedbDVO7wGU0BM/eh:d4D20kqa9WdmnDYTPsf0Zow+m0lttCdG
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Xtremerat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-