General
Target: 6a29cf973f1d66268030cc5e5a4d2d1c_JaffaCakes118
Size: 580KB
Sample: 240523-h5betshc59
MD5: 6a29cf973f1d66268030cc5e5a4d2d1c
SHA1: 786e7571fe983e9ed1b5f9c144096a038629462b
SHA256: ebb50394bcadbc9bcf4f6814b6e0cf72ef6f153d8c8d69472b20b4c9e431cf39
SHA512: 380c10d5d03fc521a6a01d9cf0ab578ffb7ede5906ffbf96a2597d556168b39cf02221be4e2d619e7c62a1124261868244f688b36d2e91c66a336897e6688722
SSDEEP: 6144:qPrmCDMLRhprsSgSM7Fs9Icg0bAJHALCV:+rX+pA7FGEJe
Static task: static1
Behavioral task: behavioral1
Sample: 6a29cf973f1d66268030cc5e5a4d2d1c_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 6a29cf973f1d66268030cc5e5a4d2d1c_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
gh0strat
42.99.116.242
Targets
Target: 6a29cf973f1d66268030cc5e5a4d2d1c_JaffaCakes118
Score: 10/10
Gh0st RAT payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application