General

  • Target

    0117d57e765daa9ffb79024062350910_JaffaCakes118

  • Size

    196KB

  • Sample

    240619-28mrta1bkj

  • MD5

    0117d57e765daa9ffb79024062350910

  • SHA1

    49d6f17c3e5374ac8a99b54b76ff54036c5a8bfa

  • SHA256

    dbfd13d3bd6863ce0f569675c0e98b032ba03acf8f34df5b340e373571fca33e

  • SHA512

    189abf748b19381e07434ee5072dcdcae802148afa950fdfc9f74fdb0e2acce03b243284ba9ff6fae874cce475399a275cddd5f934b48aac64a1cf41e6487f15

  • SSDEEP

    3072:eHun0evOvtYzonqSioDXxbuE9w2qbXUeZPtrQ/a/4qZyMlZVQ:KI0evOvtoSiodbuYzqDvZC/a4qpfVQ

Score
10/10

Targets

    • Target

      0117d57e765daa9ffb79024062350910_JaffaCakes118

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
