General

  • Target

    e146d56c890fb1168e3a86fe4466f547_JaffaCakes118

  • Size

    33KB

  • Sample

    241211-nnad4avpep

  • MD5

    e146d56c890fb1168e3a86fe4466f547

  • SHA1

    ca9a57e74c3f4c78c9e4fcde98eec56a792e8bfd

  • SHA256

    3015c8e81487d8a97f77171db836c6c9ea70ece8d0619ee0fd3dfd1dd9c22237

  • SHA512

    506d68cd7b1fd5caf66f0f7f43077d8fc6f48b80e8a4dabde4df8da425a1b165de8a942c548703d29a311368812546c347697288ea41dd3f6da0834a051deb2e

  • SSDEEP

    768:eMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgV8XB6sl+AR/P:7NW71rcYDAWeoDrsFwy

Malware Config

Extracted

Family

xtremerat

C2

emyjohacker.no-ip.org

Targets

    • Target

      e146d56c890fb1168e3a86fe4466f547_JaffaCakes118

    • Size

      33KB

    • MD5

      e146d56c890fb1168e3a86fe4466f547

    • SHA1

      ca9a57e74c3f4c78c9e4fcde98eec56a792e8bfd

    • SHA256

      3015c8e81487d8a97f77171db836c6c9ea70ece8d0619ee0fd3dfd1dd9c22237

    • SHA512

      506d68cd7b1fd5caf66f0f7f43077d8fc6f48b80e8a4dabde4df8da425a1b165de8a942c548703d29a311368812546c347697288ea41dd3f6da0834a051deb2e

    • SSDEEP

      768:eMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgV8XB6sl+AR/P:7NW71rcYDAWeoDrsFwy

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks