General

  • Target

    72fe69dafd1c7a11d5f3ff0b9e1cd375_JaffaCakes118

  • Size

    64KB

  • Sample

    240726-hlk5xswbrg

  • MD5

    72fe69dafd1c7a11d5f3ff0b9e1cd375

  • SHA1

    41e87017f6be1248273d190c49f0261a8bc08ae3

  • SHA256

    a91752f6232a4d6c17b9651a716b1022186855d4cc43574408cc08535db492f8

  • SHA512

    19db57ae33832fcc527ace46fb4641d18a6f07786b644b32ebd85075e26f271c522859ec7fcf4835f8c0907d9a8aef22099742edfa0e8530b7b4db6e2ed076d8

  • SSDEEP

    768:ue+5tLcz6AVenNCdVKT/o+ySREAkGcMZ1h6GHHLVfMW/QP4uBLGPryxK5:uTtLcWyeYd4//yEZc1GJf7/QP4uiry

Score
10/10

Targets

    • Target

      72fe69dafd1c7a11d5f3ff0b9e1cd375_JaffaCakes118

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Loads dropped DLL
