General
-
Target
12c76eecb7d602352b246ae1dc5eaaa1_JaffaCakes118
-
Size
191KB
-
Sample
240626-vts7qaxblk
-
MD5
12c76eecb7d602352b246ae1dc5eaaa1
-
SHA1
84b93aa7ddac419c2be9e59d5fd7555f592afd02
-
SHA256
1b78e140f120533ca90b40eff8194a7a93e463ec47a3de2148d5c7938ef8da2c
-
SHA512
43447a904582697a0bccf278bfd4e6d0992d71f9b55bd41c65dbb9a828b1ce75a8f30270c45afdae313b5c1095d3c0a85631bd966ee21dd6eb89154df15c8808
-
SSDEEP
3072:n3c1fP4AJJRJK51Q7DapBTlxsxnfSWQk52VydTE6K6ODaAQEF5:3OPjdJaOap9lx+naFaR+6ODpQe5
Static task
static1
Behavioral task
behavioral1
Sample
12c76eecb7d602352b246ae1dc5eaaa1_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
Target
12c76eecb7d602352b246ae1dc5eaaa1_JaffaCakes118
-
Score
10/10
-
Gh0st RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-