General

  • Target

    7c7d66331610ab53177108d7fcc3a840_JaffaCakes118

  • Size

    52KB

  • Sample

    241029-x359raxlds

  • MD5

    7c7d66331610ab53177108d7fcc3a840

  • SHA1

    3c84a8f2827c64ee6264bee0290079452851b761

  • SHA256

    2e7411dd4dc2626faa2d5a0b3a078ec8b483fa0aec0cdb6ca263aa14432962a0

  • SHA512

    b8372d612c98aeff04a8da1a8d88f2171fc51c406c8d5649686711347179f9a52af84175727a644b201236f0e6fbe9ed4d26b536ed121d4f11662df970c40d7c

  • SSDEEP

    768:kNWUAygeFdLpwTIELkcSmuUKCMVkCKONfC3wAiEbBfViZuMz0TeiJYHHxi4nu7Hu:EWbwwELHUK6CKOxHSbVsuiiJwxiWGOT

Targets

    • Target

      7c7d66331610ab53177108d7fcc3a840_JaffaCakes118

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Server Software Component: Terminal Services DLL
