gh0strat | f3ccbd684b6d50443ab37c17267220bd_JaffaCakes118

General

Target

f3ccbd684b6d50443ab37c17267220bd_JaffaCakes118
Size

197KB
MD5

f3ccbd684b6d50443ab37c17267220bd
SHA1

cd9c346a173c61d84dc4a873099eb27c40ec5f2f
SHA256

a47085f5d80fdee3aca5702a4874a986aab20e2ce2547fd42381a307f7f367c4
SHA512

d58a591d3eaeaf91e308f949f60802eb555bd122326fd90000027c204572427549a64ad4c350c68180b293bea2113623d6544a0c95e0788b1b9128210498447b
SSDEEP

3072:ChdVMQgpRh5qTsqyTDW2DQ8kK7dPLjjNRwQR4ttOSO8g98:k2Rnh5Esjm2EA7RjYQR4Kb9

Score

10^/10

gh0strat

Malware Config

Signatures

Gh0st RAT payload 1 IoCs

resource	yara_rule
sample	family_gh0strat

Gh0strat family
gh0strat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3ccbd684b6d50443ab37c17267220bd_JaffaCakes118

Files

f3ccbd684b6d50443ab37c17267220bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

*LOCKED*
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

*LOCKED*
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

*LOCKED*
Size: 25KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*LOCKED*
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

*LOCKED*
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*LOCKED*
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*LOCKED*
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

*LOCKED*
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Headers

File Characteristics

Sections

LOCKED
Size: 145KB - Virtual size: 148KB

LOCKED
Size: 18KB - Virtual size: 20KB

LOCKED
Size: 25KB - Virtual size: 48KB

LOCKED
Size: - Virtual size: 12KB

LOCKED
Size: - Virtual size: 4KB

LOCKED
Size: 3KB - Virtual size: 4KB

LOCKED
Size: 512B - Virtual size: 4KB

LOCKED
Size: 1KB - Virtual size: 1KB

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

*LOCKED* Size: 145KB - Virtual size: 148KB

*LOCKED* Size: 18KB - Virtual size: 20KB

*LOCKED* Size: 25KB - Virtual size: 48KB

*LOCKED* Size: - Virtual size: 12KB

*LOCKED* Size: - Virtual size: 4KB

*LOCKED* Size: 3KB - Virtual size: 4KB

*LOCKED* Size: 512B - Virtual size: 4KB

*LOCKED* Size: 1KB - Virtual size: 1KB

LOCKED
Size: 145KB - Virtual size: 148KB

LOCKED
Size: 18KB - Virtual size: 20KB

LOCKED
Size: 25KB - Virtual size: 48KB

LOCKED
Size: - Virtual size: 12KB

LOCKED
Size: - Virtual size: 4KB

LOCKED
Size: 3KB - Virtual size: 4KB

LOCKED
Size: 512B - Virtual size: 4KB

LOCKED
Size: 1KB - Virtual size: 1KB