General
-
Target
e2f3bc838868512291eac5bbec29c7e0_JaffaCakes118
-
Size
283KB
-
Sample
241211-yhvsys1jcr
-
MD5
e2f3bc838868512291eac5bbec29c7e0
-
SHA1
952f0f1e866c9a2743c939ff894bbdaf75c6fff3
-
SHA256
c8477d6f4710eabfb19717701b4545baebbafec3605c7eefd3c1c91e403fed1b
-
SHA512
0879ca3966cb08d4ac3dad41ed9fe762888a1c17c2dbe4637295d83b2c533831a288745a1b631d6d0b63a4488134fd26b5714bc9709139584de3d3c81a38a0f2
-
SSDEEP
768:7Gsdq7QJTlbUP3EwomeRih8jLlLDhKDSGU2+rD71SCgEHYr:Ksdq7QgP0ZNWb+XY
Behavioral task
behavioral1
Sample
e2f3bc838868512291eac5bbec29c7e0_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
xtremerat
mashaal.no-ip.biz
Targets
-
-
Target
e2f3bc838868512291eac5bbec29c7e0_JaffaCakes118
-
Size
283KB
-
MD5
e2f3bc838868512291eac5bbec29c7e0
-
SHA1
952f0f1e866c9a2743c939ff894bbdaf75c6fff3
-
SHA256
c8477d6f4710eabfb19717701b4545baebbafec3605c7eefd3c1c91e403fed1b
-
SHA512
0879ca3966cb08d4ac3dad41ed9fe762888a1c17c2dbe4637295d83b2c533831a288745a1b631d6d0b63a4488134fd26b5714bc9709139584de3d3c81a38a0f2
-
SSDEEP
768:7Gsdq7QJTlbUP3EwomeRih8jLlLDhKDSGU2+rD71SCgEHYr:Ksdq7QgP0ZNWb+XY
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Xtremerat family
-