General
Target: 7d0b60d0835c3add992af1524c4dec8f_JaffaCakes118
Size: 130KB
Sample: 241029-2zc61s1hnk
MD5: 7d0b60d0835c3add992af1524c4dec8f
SHA1: 9765eff5f65679692c050c773c60f90fc23c02f7
SHA256: edfdb2154972ef6d6975ea991e518c70fca4b0e3cbf5232da271d8d0cf75d849
SHA512: 505f7982b983bdc9d323af7f0827da1188adbb7504e287221a5ede7aa3de433aeb0dfa0b89630c58774dca573a58acc71041b87501181e07d6b494bf16b660ec
SSDEEP: 3072:tZIezg1BjA6nNgPm4eaSbL3efn2OMO/M2RQ:0ezg1BjAQNOOb7GnoO/q
Behavioral task: behavioral1
Sample: 7d0b60d0835c3add992af1524c4dec8f_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 7d0b60d0835c3add992af1524c4dec8f_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 7d0b60d0835c3add992af1524c4dec8f_JaffaCakes118
Score: 10/10
Gh0st RAT payload
Gh0strat family
Server Software Component: Terminal Services DLL
Deletes itself
Loads dropped DLL