General

  • Target

    df66f0ca4eedda1c0153aff63743f95f_JaffaCakes118

  • Size

    82KB

  • Sample

    241211-b5q2yszkht

  • MD5

    df66f0ca4eedda1c0153aff63743f95f

  • SHA1

    8b135e7c16dd6035df7bbc07e94330a590138e58

  • SHA256

    76b19c816680d2463447e55ff6e05a54de6152e20954df549f058392919fc6c4

  • SHA512

    cdf3de415da553c582fb7693bada6eaabf54bc9fd61cbffda482e1078de22edb75ac2a09b5368cb4ce925ad7725904fd3af17f989320a096da84b717dec669e8

  • SSDEEP

    1536:dSfWkjK0aKqqVs9WzJmv/DdSeWJxfnsf0Zop/m+mxyxHsItTedbDVO7wGU0BM/eh:d4D20kqa9WdmnDYTPsf0Zow+m0lttCdG

Malware Config

Targets

    • Target

      df66f0ca4eedda1c0153aff63743f95f_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks