General

  • Target

    dfed61261bd1ea9fe9e18a39e558f556_JaffaCakes118

  • Size

    54KB

  • MD5

    dfed61261bd1ea9fe9e18a39e558f556

  • SHA1

    f58968cdc882c4d68e4963bd000b0559d31b5782

  • SHA256

    93de40e35d13e353b61b3b8c6a2f2201d5cb2e150816f3e271334d1761883bf2

  • SHA512

    f4b21fb33c5a1fb9ec6544076329eb410c94a7561e6cdcd8484f49f09e191f3d991a42f5352c0a2d2f3bbc83b38c21847a463cfba1e93e8c2d3643ff119f83d0

  • SSDEEP

    1536:7IsFw9veVy8Zwbzc/W3kOT2iXDOTCOT4:7tFw9WVnkzEwKiX6j

Score
10/10

Signatures

  • Detect XtremeRAT payload (1 IoC)
  • Xtremerat family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • dfed61261bd1ea9fe9e18a39e558f556_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

  • out.upx
    .exe windows:4 windows x86 arch:x86