General

  • Target

    7e3609d368ab90753cc597c010bacd1c_JaffaCakes118

  • Size

    60KB

  • Sample

    241030-hbgdzsybkh

  • MD5

    7e3609d368ab90753cc597c010bacd1c

  • SHA1

    dfaac25bc3434f061e3d0998b018f1be980879b5

  • SHA256

    f325e8853d32e69ce170985a0fe0b477dfe2b472c29965d2d3c03a503b94f3c4

  • SHA512

    435af0e7b243a2ff7ae4c9fd284987e6b5ea5147380a2b3a45cddc8eb7df060a921e507a91c7431aa71cd588918187b4a3d6265f401eb285f507ae194425ce3d

  • SSDEEP

    1536:Kus+/c/C4G9IyIeISfY9CjSuvECfXcKo8qz3N:jcCrIvb+Zb/qR

Targets

    • Target

      7e3609d368ab90753cc597c010bacd1c_JaffaCakes118

    • Size

      60KB

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
