Overview

overview

10

Static

static

10

30df05a1a6...18.dll

windows7-x64

10

30df05a1a6...18.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    30df05a1a6dbce972af9c0a664545e20_JaffaCakes118

  • Size

    95KB

  • Sample

    240709-sh9n8a1epg

  • MD5

    30df05a1a6dbce972af9c0a664545e20

  • SHA1

    5f89094a73560e8f9b71e77bf749899024ed15c2

  • SHA256

    a4f07814e923a75a96b0149fcd909e78d5f379b87a83b28c1247f711d896307a

  • SHA512

    3f709b4db3010347dbae26d23a20d77da647710d74b0a069dc8819aec61c6c2ae2d7ef224f35c89f1d5974b091a61e7aa438192491d9bc3ce60eb271bb8e3b92

  • SSDEEP

    1536:Pg6NFO+cZcdxuMk7sigzyBFwQPulcf/afsuCSxzPBV9S1HDav:o6NFHHdxqstzyBSQPul0/csuCkrBV9S8

Score
10/10
gh0stratrat

Malware Config

Targets

    • Target

      30df05a1a6dbce972af9c0a664545e20_JaffaCakes118

    • Size

      95KB

    • MD5

      30df05a1a6dbce972af9c0a664545e20

    • SHA1

      5f89094a73560e8f9b71e77bf749899024ed15c2

    • SHA256

      a4f07814e923a75a96b0149fcd909e78d5f379b87a83b28c1247f711d896307a

    • SHA512

      3f709b4db3010347dbae26d23a20d77da647710d74b0a069dc8819aec61c6c2ae2d7ef224f35c89f1d5974b091a61e7aa438192491d9bc3ce60eb271bb8e3b92

    • SSDEEP

      1536:Pg6NFO+cZcdxuMk7sigzyBFwQPulcf/afsuCSxzPBV9S1HDav:o6NFHHdxqstzyBSQPul0/csuCkrBV9S8

    Score
    10/10
    gh0stratrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks