General

  • Target

    01661744dc1e14e75cda005730ab60d4_JaffaCakes118

  • Size

    69KB

  • Sample

    240620-anp8nashrm

  • MD5

    01661744dc1e14e75cda005730ab60d4

  • SHA1

    c47a99a153ceb17814d1bdce964532809cfd6a2f

  • SHA256

    72da05905ad6528020b58ff536768cdf34386b5b13b9331e1be4f4fbd68838e8

  • SHA512

    2f5ad2eedf970dba27bc10b4423f963ca228cace865d2b7f82b0031540859129e27986682f41bd7a59bbd17182b34eec4d791e4b568ebc74e40f3a31b9aaf7db

  • SSDEEP

    1536:M9GyrJcd/yfc9SmOtFqxj7/0Ms03U8jByA/179b:MIyrJi/Ec9SrF2f0103U8jByC179

Score
10/10

Malware Config

Targets

    • Target

      01661744dc1e14e75cda005730ab60d4_JaffaCakes118

    • Size

      69KB

    • MD5

      01661744dc1e14e75cda005730ab60d4

    • SHA1

      c47a99a153ceb17814d1bdce964532809cfd6a2f

    • SHA256

      72da05905ad6528020b58ff536768cdf34386b5b13b9331e1be4f4fbd68838e8

    • SHA512

      2f5ad2eedf970dba27bc10b4423f963ca228cace865d2b7f82b0031540859129e27986682f41bd7a59bbd17182b34eec4d791e4b568ebc74e40f3a31b9aaf7db

    • SSDEEP

      1536:M9GyrJcd/yfc9SmOtFqxj7/0Ms03U8jByA/179b:MIyrJi/Ec9SrF2f0103U8jByC179

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Loads dropped DLL

MITRE ATT&CK Matrix

Tasks