General
-
Target
7ccedc31be55eac12d1e0e7d9ffa9296_JaffaCakes118
-
Size
200KB
-
Sample
241029-1krv7ayrbw
-
MD5
7ccedc31be55eac12d1e0e7d9ffa9296
-
SHA1
798001498bb981acc0e6f06cabded7d68f065d92
-
SHA256
cdde8682a5a8efb3d548ab446e9b3db154402323a827391ab570e7be2ef86855
-
SHA512
b19656a2abdb8eb62a47d1b6158c552b602d85122522609d5a4ffbc60d8b9fb5dec5f96615414aa3c611c873c53dcd88fcbe6741a47f064f765c9c81c9b3adaa
-
SSDEEP
6144:eSrmhQ4/bhlj1LAXNZPY2iZNhuhcLxevsdp4q:fKhQ4Dhlj12EuhfEn4
Static task
static1
Behavioral task
behavioral1
Sample
7ccedc31be55eac12d1e0e7d9ffa9296_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
7ccedc31be55eac12d1e0e7d9ffa9296_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
7ccedc31be55eac12d1e0e7d9ffa9296_JaffaCakes118
-
Score
10/10
-
Gh0st RAT payload
-
Gh0strat family
-
Server Software Component: Terminal Services DLL
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-