General
-
Target
06450cc31f1e54fd264e3316aa4dc481_JaffaCakes118
-
Size
95KB
-
Sample
240623-qr5erascjh
-
MD5
06450cc31f1e54fd264e3316aa4dc481
-
SHA1
9163982a3f375fdf3eeaddbfc1bd062efb604e98
-
SHA256
6457203c3428fd916416452cd6739141d7d2a739c3b15f61077c07bb63d9c966
-
SHA512
1ba1fc2df2b1a9f5d7e0376b52a06c2a8f9a7b904f097b7ca5a3594b22b6c04946494f158aac92a399b06ec3245784b356751b6001deef99edd094f329454de9
-
SSDEEP
1536:tiFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prNraBn3E0:tIS4jHS8q/3nTzePCwNUh4E9Nrs39
Static task
static1
Behavioral task
behavioral1
Sample
06450cc31f1e54fd264e3316aa4dc481_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
-
-
Target
06450cc31f1e54fd264e3316aa4dc481_JaffaCakes118
-
Size
95KB
-
MD5
06450cc31f1e54fd264e3316aa4dc481
-
SHA1
9163982a3f375fdf3eeaddbfc1bd062efb604e98
-
SHA256
6457203c3428fd916416452cd6739141d7d2a739c3b15f61077c07bb63d9c966
-
SHA512
1ba1fc2df2b1a9f5d7e0376b52a06c2a8f9a7b904f097b7ca5a3594b22b6c04946494f158aac92a399b06ec3245784b356751b6001deef99edd094f329454de9
-
SSDEEP
1536:tiFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prNraBn3E0:tIS4jHS8q/3nTzePCwNUh4E9Nrs39
Score10/10-
Gh0st RAT payload
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-