General
-
Target
f973510ca7da82640038027bc8496622_JaffaCakes118
-
Size
272KB
-
Sample
240419-ehhc3sha6y
-
MD5
f973510ca7da82640038027bc8496622
-
SHA1
8d6f3c786c32d815890dde6764afdd10e5a5c83d
-
SHA256
8aedf38834b298b48cb5af40d2b88e3a7e2e87a495c921094dd13942e44a74e0
-
SHA512
d878174490db02a9db12647c0dfe53283f0628073c7eecd7aadc2b17c909857ed3c453d0af8e249eff68577b7c5848905859388ea9f42303f5813c72971cdec1
-
SSDEEP
6144:4MigebtJQSE7MSNAADuXKMsHleE8IUVNbH:ggepJxEISPKQHCIaNL
Static task
static1
Behavioral task
behavioral1
Sample
f973510ca7da82640038027bc8496622_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f973510ca7da82640038027bc8496622_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f973510ca7da82640038027bc8496622_JaffaCakes118
Score
10/10
-
Gh0st RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-