General
Target: 7d055ccb42eb596df67022c40bd9f9c8_JaffaCakes118
Size: 168KB
Sample: 241029-2tqvxsspdq
MD5: 7d055ccb42eb596df67022c40bd9f9c8
SHA1: 4594ff62de294665eaf1d40ed5c01900151e30ef
SHA256: d7e1c7cd4ab384a7ee62e691d3551bfba693ab3e0d7876d8d976d04e67050478
SHA512: af2ac640b5decee17c374a00836f4daa932e1b0922f2e048a0a2c48fdb21297c538fea91ee68e34322055b96ec30aa1571bb08c7c4dff23a1bfc3ea1b30a8bac
SSDEEP: 3072:J0U8dYKCjUTZ4A2+2YBVjYOZyG7+x7hcLxKl:a2jOZt2+2YnjYbquhcLxKl
Static task: static1
Behavioral task: behavioral1
Sample: 7d055ccb42eb596df67022c40bd9f9c8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 7d055ccb42eb596df67022c40bd9f9c8_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 7d055ccb42eb596df67022c40bd9f9c8_JaffaCakes118
Score: 10/10
Gh0st RAT payload
Gh0strat family
Server Software Component: Terminal Services DLL
Deletes itself
Loads dropped DLL
Drops file in System32 directory