General

  • Target

    7d3ed07df7fa59df87e75d2adcfb5181_JaffaCakes118

  • Size

    134KB

  • Sample

    241030-ank9ps1pbz

  • MD5

    7d3ed07df7fa59df87e75d2adcfb5181

  • SHA1

    7dee2262bc70b31667e2f96ebbf6943d3fa2c6b1

  • SHA256

    d4b9c9c3d53bb614bba05b7db0e3f2d06c7c328581019c617ecfb7953cecd277

  • SHA512

    e324e3a9b60b39199a8e72b6fbad7364118607588a1bdf1f311180e985bec42bf5739ae5efffc2ab91f5cd9da257972291b75985f3a4181f6fba97556806db05

  • SSDEEP

    3072:MMwZSQpKa3VGVnpUlCz764/9xpEEBqbZuwL5iGHeqovv:M3JVGpxx9b3wZuwL4GHeqo

Score
10/10

Targets

    • Target

      7d3ed07df7fa59df87e75d2adcfb5181_JaffaCakes118

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Deletes itself

    • Loads dropped DLL
