General

  • Target

    024526c7f54d3ba136a8fd1e78a21f53_JaffaCakes118

  • Size

    488KB

  • Sample

    240620-dlaa7svgle

  • MD5

    024526c7f54d3ba136a8fd1e78a21f53

  • SHA1

    93a2581f8988c0deb3b7a5b1e9918a5f54d3b3d8

  • SHA256

    ebe174ba2e17e0fd451bfeb25a5a993b7f27fe430a027f1bb8ffa2ed10bcb276

  • SHA512

    d668990b4964a7dfeb03145ab046b283cedaac58c07e5e6f61e055f0ae6e8fe44959e0ecdb8300bf933740c441b1f482b1efc9b7fb6369f8d043b81df959f84e

  • SSDEEP

    12288:UM5ByqLauL3aKHx5r+TuxvhNW7Qctk1Kei7:UM5ByuB3aKHx5r+TuxvhyQ0kdi7

Targets

    • Target

      024526c7f54d3ba136a8fd1e78a21f53_JaffaCakes118

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • Adds Run key to start application
