General

  • Target

    011335cd273f0d52cc1a4299e9de2f6d_JaffaCakes118

  • Size

    150KB

  • Sample

    240619-2523bs1ajl

  • MD5

    011335cd273f0d52cc1a4299e9de2f6d

  • SHA1

    cad712f9bc640495e00f289391f03c37bd037f98

  • SHA256

    2488e43e5f4e703114905624985085f63382c1451a3272c68b06a7377e9bc1aa

  • SHA512

    1d72c6e9c4d9b30df5b45a73e223266139bfb87e8e867dff6538fa8ae2fa13a4034b55508a2c62db61089ad73f37c5fe6a2c4446ac0fc5aff8311fcadf15770e

  • SSDEEP

    3072:cITrABZFudroRcexfOWppbH1AL0Q9QiCrj2cXWk5OFbQ+BL9:cITcLF9ptVCkri+WkIFJ

Score
10/10

Targets

    • Target

      011335cd273f0d52cc1a4299e9de2f6d_JaffaCakes118

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Deletes itself

    • Loads dropped DLL
