General

  • Target

    7cbfdebde4a7f4afdf8f00dc5bacfca9_JaffaCakes118

  • Size

    168KB

  • Sample

    241029-z399tazeke

  • MD5

    7cbfdebde4a7f4afdf8f00dc5bacfca9

  • SHA1

    0da34cabbbb9623bacbb988cf09f33a1e1438a66

  • SHA256

    39041b54566ea91befcd90b1cee001cb79b31df55c15a07a5231f71efc82ba97

  • SHA512

    23701529358218eabfa9c5e76e970440c7639581e33241a94003fa3b4215145e58a224e562d9d0faef8d3426bf96dd6a78fe4b64e2533630cd7e65f1a7d199cf

  • SSDEEP

    3072:BinteOrW2Ya95MGmREqvLji6emszuAr21rmA:Qea7MmwjNPszuAr2tx

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Executes dropped EXE

    • Loads dropped DLL
