General
-
Target
7ca8890542401c164ba69bbd37432e32_JaffaCakes118
-
Size
405KB
-
Sample
241029-zcme3azamg
-
MD5
7ca8890542401c164ba69bbd37432e32
-
SHA1
dfaa40dca6dc417b1ece16c8a33f22d1f2c7f1c2
-
SHA256
c5d80a05415403346381ae82463c3da66a3f18728de9dec978324dae869ecdd6
-
SHA512
2c41b0e0a0a2e96d55e9db0077fd482c9b53430404611ef319bba2da63bb578eab81f8abae6b026b215f23619b81fb564ed8709693c87cb395fad4eaf06cc81e
-
SSDEEP
12288:l+QtNj9rXDfRfFgBe+QtNj9rXDfRfFgBs:l3Nj9XL6e3Nj9XL6s
Static task
static1
Behavioral task
behavioral1
Sample
7ca8890542401c164ba69bbd37432e32_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
7ca8890542401c164ba69bbd37432e32_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Gh0st RAT payload
-
Gh0strat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-