Overview

overview

10

Static

static

10

f95a772cdd...18.dll

windows7-x64

10

f95a772cdd...18.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

CERTIFICATE.dll

windows7-x64

10

CERTIFICATE.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    f95a772cdd32c1b5cfa8530319e7e627_JaffaCakes118

  • Size

    162KB

  • MD5

    f95a772cdd32c1b5cfa8530319e7e627

  • SHA1

    105ad7b9182a6fb74721f04e962d60c6f92bfb3c

  • SHA256

    b7a978e7c4cb4207a67ad2636ad17df5fb49fb31297ccce1a62341fff623b1a9

  • SHA512

    a652be77795a8e078ee0f62639fb04a82188bacd87d59def29f0fed337cf834815b1caa044927d3cf4fc2227bcfdaa99e721ca44c49ae86a32b81cc6dc2018c6

  • SSDEEP

    3072:rwZ2QNI3VGVilUVjz764/9xjEEUQqbZuwNii5RGHngqovqW:VVGg2x9tjUpZuw0irGHgqoR

Score
10/10
gh0strat

Malware Config

Signatures

  • Gh0st RAT payload 10 IoCs
  • Gh0strat family
    gh0strat
  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

Files

  • f95a772cdd32c1b5cfa8530319e7e627_JaffaCakes118
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/BITMAP/103.bmp
  • .rsrc/MANIFEST/1
    .xml
  • .rsrc/MENU/102
  • .rsrc/version.txt
  • .rsrc_1
  • .text
  • CERTIFICATE
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections