General

  • Target

    0661ab7badf07e770c4844f15cc886ac_JaffaCakes118

  • Size

    112KB

  • Sample

    240623-q9cgpaxamm

  • MD5

    0661ab7badf07e770c4844f15cc886ac

  • SHA1

    57c4a2ac262288e46fcad3956f278545c2adbf87

  • SHA256

    755f8dcb337b0abd0a1e76929efefa969d9758b273ca44d3adfe1a9bbc28a9e0

  • SHA512

    eeea46f3d28c773ca0e9f313482d595958f39a03cae695df233322d2134e02506bd7648d4e2dc8cf12f7c71f3730294cde3c905a1b1e7bf466ffacec7f372840

  • SSDEEP

    3072:HhWSy8vEk69GRaQx846bWiaHSY4Hj6qBzM+rmPx:BWSy8vEk60aQx81W9eHeAM+o

Malware Config

Targets

    • Target

      0661ab7badf07e770c4844f15cc886ac_JaffaCakes118

    • Size

      112KB

    • MD5

      0661ab7badf07e770c4844f15cc886ac

    • SHA1

      57c4a2ac262288e46fcad3956f278545c2adbf87

    • SHA256

      755f8dcb337b0abd0a1e76929efefa969d9758b273ca44d3adfe1a9bbc28a9e0

    • SHA512

      eeea46f3d28c773ca0e9f313482d595958f39a03cae695df233322d2134e02506bd7648d4e2dc8cf12f7c71f3730294cde3c905a1b1e7bf466ffacec7f372840

    • SSDEEP

      3072:HhWSy8vEk69GRaQx846bWiaHSY4Hj6qBzM+rmPx:BWSy8vEk60aQx81W9eHeAM+o

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

    • Server Software Component: Terminal Services DLL

MITRE ATT&CK Enterprise v15

Tasks