General
-
Target
6f7a107dc916475497c8879a9e961e57_JaffaCakes118
-
Size
96KB
-
Sample
240725-n45vyaxdpn
-
MD5
6f7a107dc916475497c8879a9e961e57
-
SHA1
c47ff28d6f76ed36daf1a403dba06497cf5dcd16
-
SHA256
177bdecacc90c4fb1b0a4b4af7d14e5548f6bb58a1c21eca6753c945845043ce
-
SHA512
0854a7907c488d958e2604557c9fc7742e633355947d774a23bfd16cda5f865f6ac5483fef98f2ea5de5ccf90cc2d0878ac56e23db4bc5616603437dbc141d08
-
SSDEEP
1536:foFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8pr+RF1MgI:f6S4jHS8q/3nTzePCwNUh4E9+MgI
Static task
static1
Behavioral task
behavioral1
Sample
6f7a107dc916475497c8879a9e961e57_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Targets
-
Target
6f7a107dc916475497c8879a9e961e57_JaffaCakes118
-
Score
10/10
-
Gh0st RAT payload
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-