General

  • Target

    7dc9c87027f305916c60b81e7afefc0f_JaffaCakes118

  • Size

    68KB

  • Sample

    241030-edx8qswdqj

  • MD5

    7dc9c87027f305916c60b81e7afefc0f

  • SHA1

    51d78a338a6859489c81fcd48f7fd6eab3a0546a

  • SHA256

    9690f78b27636e8698b519b723e98e0ff842806ca2aa95c775307bc2fda605ce

  • SHA512

    2738aa3a72a46b511e403c2e6e57994422dadc1464b0367b092de6940d36393269aec6e2fadce8f88e742ba7fd45239011aa6f41c7e4dd0e312250dab29f742f

  • SSDEEP

    1536:nTj4tsTxzQAIHe2q/lkDLpPpZeiZg6FDc5mnYbm:pTx7eKl0JpZeuRpObm

Score
10/10

Malware Config

Targets

    • Target

      7dc9c87027f305916c60b81e7afefc0f_JaffaCakes118

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Deletes itself

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks