General
-
Target
288de081512bf215dfc03ad3ddcaf8f2_JaffaCakes118
-
Size
1.0MB
-
Sample
240706-r9a5as1gkj
-
MD5
288de081512bf215dfc03ad3ddcaf8f2
-
SHA1
e8916836647f5bc8f9d3e8dfb54450a28559d496
-
SHA256
c446418c73b0546cbef6e4966f651e4cd4e30bf9cc7f15f4eb2083e8ed9c221a
-
SHA512
578fcb52ea9ab8c52f89d5c118dac29dd911c68dc4bf2e562b7abe3a1887df940d3edb5619aee9f6133302321275bf70bd6494888079064fabbc4345f714a4ef
-
SSDEEP
24576:++yakwoTeOUe0BX9Ue0BFjrw3FOYK816uc1Y+kQI7CRQkEJBKikBKiZ:Xyir8rL4bdQpZOBJkBJZ
Static task
static1
Behavioral task
behavioral1
Sample
288de081512bf215dfc03ad3ddcaf8f2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
288de081512bf215dfc03ad3ddcaf8f2_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
Score
10/10
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications and can be used as a sandboxing environment.
-