General
Target: JaffaCakes118_f4c8d4362fc4b69e9478cef30b6c3750
Size: 91KB
Sample: 250120-xble9ssqdn
MD5: f4c8d4362fc4b69e9478cef30b6c3750
SHA1: 89453e80dcd76bf61926017433f9669958fd1c64
SHA256: 2037a3487578774ebb28eb3227bb71ef86f2c2155849b893803b16571c1e0dae
SHA512: 2babc6bb7b1dc48a59b269e5a33fc2cec01136b85871f61e51a730becb0764dab13a74f3f7ed1c811322013eb2332cc797a115b9cf68e74f65b2481a57663944
SSDEEP: 1536:pG2EnYa5m08A1lTtmFwD+5YcQrQni4xrSeLMXLMpOLJ0rV0PXH:pynFI0r1lTtmFwj/rQlxrSeIwpOLc0P
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_f4c8d4362fc4b69e9478cef30b6c3750.exe
Resource
win7-20240729-en
Malware Config
Extracted
xtremerat
mamon.zapto.org
Targets
Target
JaffaCakes118_f4c8d4362fc4b69e9478cef30b6c3750
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Xtremerat family
Suspicious use of SetThreadContext