General

  • Target

    7ce256076e57d662a6e0b72edc562542_JaffaCakes118

  • Size

    311KB

  • Sample

    241029-1z69eszkex

  • MD5

    7ce256076e57d662a6e0b72edc562542

  • SHA1

    e034d789ea2792780b988c636145e0d6378a624e

  • SHA256

    052abface6a82556781baf6890586267f6d18fc9750f7a0e880552d73d46a271

  • SHA512

    825e51d48d816f0754db6d2590a049be2e57ac41d399ac82a83029e33e9e05312e50a361db4fc5ca99d1cb7e175111d4c54cc46e1060ac1f2ef74b0b5cef3a39

  • SSDEEP

    6144:FibDMGJyE51ZuweB+eqoOfw8Pka4qQM/83UZ0BckmxhK6Wf:YbBX5XmF8Pj3F/OUrkX6+

Score
10/10

Targets

    • Target

      7ce256076e57d662a6e0b72edc562542_JaffaCakes118

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Deletes itself

    • Loads dropped DLL
