General
Target: 4b6740a79e30f046957092d4d78281f5_JaffaCakes118
Size: 95KB
Sample: 241016-e46ykasfpb
MD5: 4b6740a79e30f046957092d4d78281f5
SHA1: a061b14a86bb9b74937a3aad5c4e2d90d70e3320
SHA256: 88221f680cd44a24e3695fa22f99e5d71fe0d86048f9826f846018a7b3a04133
SHA512: 3bdfd063e155c4d8b3b8449991f5a4fdf47df08ca1273d7a704ff609cfbb40eb8f8fac0e8b4ee4d875428950a059f2b9cb9f994ce43f3480c3174b0b2d987645
SSDEEP: 1536:Ha9zFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8pr8eEwf:HKNS4jHS8q/3nTzePCwNUh4E9VEwf
Static task: static1
Behavioral task: behavioral1
Sample: 4b6740a79e30f046957092d4d78281f5_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 4b6740a79e30f046957092d4d78281f5_JaffaCakes118
Score: 10/10
Gh0st RAT payload
Deletes itself
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory