General

  • Target

    e2f3bc838868512291eac5bbec29c7e0_JaffaCakes118

  • Size

    283KB

  • Sample

    241211-yhvsys1jcr

  • MD5

    e2f3bc838868512291eac5bbec29c7e0

  • SHA1

    952f0f1e866c9a2743c939ff894bbdaf75c6fff3

  • SHA256

    c8477d6f4710eabfb19717701b4545baebbafec3605c7eefd3c1c91e403fed1b

  • SHA512

    0879ca3966cb08d4ac3dad41ed9fe762888a1c17c2dbe4637295d83b2c533831a288745a1b631d6d0b63a4488134fd26b5714bc9709139584de3d3c81a38a0f2

  • SSDEEP

    768:7Gsdq7QJTlbUP3EwomeRih8jLlLDhKDSGU2+rD71SCgEHYr:Ksdq7QgP0ZNWb+XY

Malware Config

Extracted

Family

xtremerat

C2

mashaal.no-ip.biz

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks