xtremerat | JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9
Size

2.2MB
MD5

7443e293e63dc4f63325bf4f381fd6d9
SHA1

b0987f1b6813b040946738896f6960a805b00434
SHA256

9f7b8a5da0d7fb8036bd6cf6fb5f808e747e3823c03a592bb133e49bc473924c
SHA512

af7f0adaffe07d38ddc032cdd2e9f141b1752b4ae274066751c14892dd51fea7b113efa27747730fec054493adcb950fe9848bc15ac71da20e14ce0364bc5311
SSDEEP

49152:UbfwM7Mb+4Nx5J7WrmbMviQRZUEIhFwzItkPo:c4D77Wr+ciFwzItUo

Score

10^/10

xtremerat

Malware Config

Signatures

Detect XtremeRAT payload 1 IoCs

resource	yara_rule
sample	family_xtremerat

Xtremerat family
xtremerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9

Files

JaffaCakes118_7443e293e63dc4f63325bf4f381fd6d9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

BitArts
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

BitArts Size: 40KB - Virtual size: 40KB

BitArts Size: 4KB - Virtual size: 4KB

BitArts Size: 204KB - Virtual size: 204KB

BitArts Size: 4KB - Virtual size: 4KB

BitArts Size: 4KB - Virtual size: 4KB

BitArts Size: 4KB - Virtual size: 4KB

BitArts Size: 4KB - Virtual size: 4KB

.rsrc Size: 104KB - Virtual size: 104KB

BitArts Size: 32KB - Virtual size: 32KB

BitArts Size: 8KB - Virtual size: 8KB

BitArts Size: 1.8MB - Virtual size: 1.8MB

BitArts
Size: 40KB - Virtual size: 40KB

BitArts
Size: 4KB - Virtual size: 4KB

BitArts
Size: 204KB - Virtual size: 204KB

BitArts
Size: 4KB - Virtual size: 4KB

BitArts
Size: 4KB - Virtual size: 4KB

BitArts
Size: 4KB - Virtual size: 4KB

BitArts
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 104KB - Virtual size: 104KB

BitArts
Size: 32KB - Virtual size: 32KB

BitArts
Size: 8KB - Virtual size: 8KB

BitArts
Size: 1.8MB - Virtual size: 1.8MB