Extracted

• • Target

    JaffaCakes118_201c2776d6eece622682eecb4130c8eb

  • Size

    65KB

  • MD5

    201c2776d6eece622682eecb4130c8eb

  • SHA1

    bf27a56926538a37d3328579e23368e5af77a099

  • SHA256

    af3adb0fa36eefa5de9d4e2c72e504b78145a09d927ea1870f24b983e0971cc3

  • SHA512

    59db19c0e735dca518b9f1941c22741aa40e4e9ec2c685e874553f1a1e00f8607b5e6b42c68064bb24e5a3a34209e12847354840673f5b658ee63c5e11f8a574

  • SSDEEP

    1536:avB8hHx3krM9KvqJcSOIHtquYwQF3ikbNMTnu:apkRQM9Kv21quYw03p5cnu

  Score

  10^/10

  xtremeratdiscoverypersistenceratspywareupx

  • Detect XtremeRAT payload

  • XtremeRAT

    The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

    persistencespywareratxtremerat

  • Xtremerat family

    xtremerat

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2