General
Target: JaffaCakes118_8110306b61afb2a417be0444fa176a4b
Size: 220KB
Sample: 250202-1fgjnaypa1
MD5: 8110306b61afb2a417be0444fa176a4b
SHA1: ca4408bf8b77d60f0dae1af90f35cff18b37f225
SHA256: f42f197b3b18e005a22c9da207b9329f8652a04dfee4763e8511d25956a88f14
SHA512: 907d5af61fe187ad563e1e07d374973050eb094823dcf1486271f3e6f5de34e55826b42a0a285f7e024b2a4b931ec0efc33626b42f2d0778ae799a96b7ad3a34
SSDEEP: 1536:BLabUUGudow0LdaYquDdO+1KdM0mDw7jFd+npdMX/bcd91ERDIvbUUGudow0Ldav:ENow0LdEWrpY+npiX/K1EhIBNow0Ld
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_8110306b61afb2a417be0444fa176a4b.exe
Resource: win7-20240903-en
Malware Config
Targets
-
-
Target
JaffaCakes118_8110306b61afb2a417be0444fa176a4b
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Suspicious use of SetThreadContext
-