General
-
Target
eabd64c6157652034d1ce757d694028f_JaffaCakes118
-
Size
62KB
-
Sample
241213-kw42wstkbz
-
MD5
eabd64c6157652034d1ce757d694028f
-
SHA1
291ed3b36613b29f98257a16ad0e922840528bf9
-
SHA256
cf3ca6f194d5add3b9116b459437d61357f42c5a045c3c7f544d9bb778756c68
-
SHA512
feb24faa0b513d766ed73e2a0ca3e68cdce481ca21aa70da301bd6de57de9939fbd15b9e7a8167e11986afdd46b26970de6e85f9914a1348683ea578c8e1a682
-
SSDEEP
1536:tT8qDqQdU9MKCtGjbNwPZ6XAXHWzl5NX3w:5qLyK+ceXHWZM
Behavioral task
behavioral1
Sample
eabd64c6157652034d1ce757d694028f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eabd64c6157652034d1ce757d694028f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
xtremerat
11hack11.no-ip.biz
11hack1.no-ip.biz
䪤焙.jouba.no-ip.biz
Targets
-
-
Target
eabd64c6157652034d1ce757d694028f_JaffaCakes118
-
Size
62KB
-
MD5
eabd64c6157652034d1ce757d694028f
-
SHA1
291ed3b36613b29f98257a16ad0e922840528bf9
-
SHA256
cf3ca6f194d5add3b9116b459437d61357f42c5a045c3c7f544d9bb778756c68
-
SHA512
feb24faa0b513d766ed73e2a0ca3e68cdce481ca21aa70da301bd6de57de9939fbd15b9e7a8167e11986afdd46b26970de6e85f9914a1348683ea578c8e1a682
-
SSDEEP
1536:tT8qDqQdU9MKCtGjbNwPZ6XAXHWzl5NX3w:5qLyK+ceXHWZM
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Xtremerat family
-