General
Target: 2a73118feab14007f1bae786d3f807e1_JaffaCakes118
Size: 98KB
Sample: 240708-bja4lsvfjm
MD5: 2a73118feab14007f1bae786d3f807e1
SHA1: 5ac38868c385187b1b52fcc1f703646123f8603a
SHA256: 530d0d34083fa22e3bde227609ea5d60a166871bc8b0f64c58b6db279b20e336
SHA512: f44cb7ab4542c0818a7872736d6afbc9afb70b112d934289e9ef3599ef9c9fdeb1875ff64221178956f68b2c9ca4247ac9f04652af62cb92e0505bb16e40316b
SSDEEP: 3072:zvhbY9Pvzfd+AZ170oOA1oNA9kH4i2L1ISsngy:pY9Pjd+u1LRiekH471z
Static task: static1
Behavioral task: behavioral1
Sample: 2a73118feab14007f1bae786d3f807e1_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2a73118feab14007f1bae786d3f807e1_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Extracted
xtremerat
moon2009us.linkpc.net
Targets
Target: 2a73118feab14007f1bae786d3f807e1_JaffaCakes118
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext