General

  • Target

    05ea38e058ae5c2025283414974d0a9c_JaffaCakes118

  • Size

    193KB

  • Sample

    240623-ljfn7sxfmf

  • MD5

    05ea38e058ae5c2025283414974d0a9c

  • SHA1

    7dc84cdeffa8c8c518e83e857881c6170fb19580

  • SHA256

    a7f1cc11dfc813095b610889aa2a5eb4a1c0b6aeeea7a7fdd4a7ce05114d999d

  • SHA512

    2c358e14075947bf796de94a51d706a94fc5d860d238b20f848f820b2a71296b3613beceaeb9ba5298abc51dd409d5e1748aa4dbf7001547c2a6256e6eba75f8

  • SSDEEP

    3072:y1SRERXDvSnWXbcJMrafWTdJf7R4nzsRgEvYIAMoybn/RG/Jj86RuC:yURERT6nWLcJM+8P7lRrHYQg/sC

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Loads dropped DLL

    • Drops file in System32 directory
