General
Target
27bea8d5dc7096ba6bc3e64eb8c0538b_JaffaCakes118
Size
68KB
Sample
240706-jelnjstbne
MD5
27bea8d5dc7096ba6bc3e64eb8c0538b
SHA1
d30a8dba846837f4264ac3727272991df1341e08
SHA256
6da67635f97ae7851d174785a537bb652cdd81df909c6e5a65047313c16b25f4
SHA512
0361158cc4c749aa7d3a04b7132d97bd6ba9e7ad86dc7f253f0cd01d1e933495e68dbd9494585d0b27c2f1e8545dd4fd3183fd40dd955ec85cdf013889d1400b
SSDEEP
768:1XxOS44sR2L2Xd24dW/rvMQMNh4Mmv71rHWd8fif2QnAiF5e41u1tcoOVVRVcs:RP7LRKwbMFNev7tBqfTHDKtcoAVcs
Static task
static1
Behavioral task
behavioral1
Sample
27bea8d5dc7096ba6bc3e64eb8c0538b_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
27bea8d5dc7096ba6bc3e64eb8c0538b_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
xtremerat
ogdd.servemp3.com
Targets
Target
27bea8d5dc7096ba6bc3e64eb8c0538b_JaffaCakes118
Score
10/10
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext