General
-
Target
05c977d259a8901ec1dbde6308f949b0_JaffaCakes118
-
Size
96KB
-
Sample
240623-kv5l2azgpp
-
MD5
05c977d259a8901ec1dbde6308f949b0
-
SHA1
d6a17dd673769454ba1c13e7b7208d2461468bc3
-
SHA256
3f0de8e53c2e158e96f4debbc757ee0f97efa352917b0b6379656944d75475f3
-
SHA512
8ffe471936cef05cfa593e01af123689467cb01273a3d4a668cd4feeacf1c1805a7e94665f626047a4ede17312f3d762b8338e24e5590e170b9abbbfacb844e5
-
SSDEEP
3072:oKS4jHS8q/3nTzePCwNUh4E90XBO2coyc:ol428q/nTzePCwG7YBDf
Static task
static1
Behavioral task
behavioral1
Sample
05c977d259a8901ec1dbde6308f949b0_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
05c977d259a8901ec1dbde6308f949b0_JaffaCakes118
-
Score
10/10
-
Gh0st RAT payload
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-