General

  • Target

    0606cc01c4d8feb608e500a4eadd82f7_JaffaCakes118

  • Size

    196KB

  • Sample

    240623-pt5ymazhnf

  • MD5

    0606cc01c4d8feb608e500a4eadd82f7

  • SHA1

    f30bac7ab906d10877a19878a62cf8c0443c5b07

  • SHA256

    98bfb6dbce441f0045bb41cbff65a491837b292611aa26c1048f5f58c879b234

  • SHA512

    b7a29995d2480274d6c219c3824c33efd5bb617dba6da63117056703d1324aac9437272f288f86f41ae960ddd2715bf621cb92f2229fa71ebb381a0b479e3af6

  • SSDEEP

    6144:WOVLnWFcdFtsFkVRTl0QdTmNPPYhgU/0P0:W8LWF4+kV1KIo+/60

Score
10/10

Targets

    • Target

      0606cc01c4d8feb608e500a4eadd82f7_JaffaCakes118

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Loads dropped DLL
