General
-
Target
e146d56c890fb1168e3a86fe4466f547_JaffaCakes118
-
Size
33KB
-
Sample
241211-nnad4avpep
-
MD5
e146d56c890fb1168e3a86fe4466f547
-
SHA1
ca9a57e74c3f4c78c9e4fcde98eec56a792e8bfd
-
SHA256
3015c8e81487d8a97f77171db836c6c9ea70ece8d0619ee0fd3dfd1dd9c22237
-
SHA512
506d68cd7b1fd5caf66f0f7f43077d8fc6f48b80e8a4dabde4df8da425a1b165de8a942c548703d29a311368812546c347697288ea41dd3f6da0834a051deb2e
-
SSDEEP
768:eMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgV8XB6sl+AR/P:7NW71rcYDAWeoDrsFwy
Behavioral task
behavioral1
Sample
e146d56c890fb1168e3a86fe4466f547_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
xtremerat
emyjohacker.no-ip.org
Targets
-
-
Target
e146d56c890fb1168e3a86fe4466f547_JaffaCakes118
-
Size
33KB
-
MD5
e146d56c890fb1168e3a86fe4466f547
-
SHA1
ca9a57e74c3f4c78c9e4fcde98eec56a792e8bfd
-
SHA256
3015c8e81487d8a97f77171db836c6c9ea70ece8d0619ee0fd3dfd1dd9c22237
-
SHA512
506d68cd7b1fd5caf66f0f7f43077d8fc6f48b80e8a4dabde4df8da425a1b165de8a942c548703d29a311368812546c347697288ea41dd3f6da0834a051deb2e
-
SSDEEP
768:eMuijtHf5g7/IIG3bGcYDBSvFIWuePQDGEsgV8XB6sl+AR/P:7NW71rcYDAWeoDrsFwy
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Xtremerat family
-