General
-
Target
0196fb10ff039b47e7062dddbc35ad60_JaffaCakes118
-
Size
204KB
-
Sample
240620-bedzpsvbkn
-
MD5
0196fb10ff039b47e7062dddbc35ad60
-
SHA1
dec262381e0af93da3be63614cb12941dc444e23
-
SHA256
0e3b7dd29df75dfa511944cc5ff44ed5d070e53657dd0e8c7d0a089e080f5821
-
SHA512
e46e666dbc0fe95f55e09fc3a804df6078fbd11c9ed17007e45963639926fc387b1638207ae57ed5ae4818b559d3946130384ce0da44ef9db3f9f0241500d601
-
SSDEEP
6144:KsIZ6nW8QZBTyPRqyhYPbncTBlhHrPndnkv0oX:nRW87Jq8YPbncT3m
Behavioral task
behavioral1
Sample
0196fb10ff039b47e7062dddbc35ad60_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
0196fb10ff039b47e7062dddbc35ad60_JaffaCakes118
-
Size
204KB
-
MD5
0196fb10ff039b47e7062dddbc35ad60
-
SHA1
dec262381e0af93da3be63614cb12941dc444e23
-
SHA256
0e3b7dd29df75dfa511944cc5ff44ed5d070e53657dd0e8c7d0a089e080f5821
-
SHA512
e46e666dbc0fe95f55e09fc3a804df6078fbd11c9ed17007e45963639926fc387b1638207ae57ed5ae4818b559d3946130384ce0da44ef9db3f9f0241500d601
-
SSDEEP
6144:KsIZ6nW8QZBTyPRqyhYPbncTBlhHrPndnkv0oX:nRW87Jq8YPbncT3m
Score10/10-
Gh0st RAT payload
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-