General

  • Target

    80dbd6975ab2183b12b6546b2fd2a3cf_JaffaCakes118

  • Size

    1.9MB

  • Sample

    241031-a1dqdswphm

  • MD5

    80dbd6975ab2183b12b6546b2fd2a3cf

  • SHA1

    ce1a722373270642f19deba757fbe5eabb6304d2

  • SHA256

    ed69ae6f5970b4e2718ab6e71e1d430e50113bb32ff935644f9d6555cf92e318

  • SHA512

    0536f4f885ab3fed291d093464d23472f7dabc0703a26ba8791715a340573601fd99f6b11e620c83f7b9d61f735246422e844fe982b19e79cf15a18dce68c9d9

  • SSDEEP

    49152:Qc//////7rShhV6+yolnhQZWESe5Xv/xGkw+kcCY/2DufaSafBBRS4:Qc///////STa2+Wbe5XvskTpP/2uafR

Score
10/10

Targets

    • Target

      80dbd6975ab2183b12b6546b2fd2a3cf_JaffaCakes118

    • Size

      1.9MB

    Score
    10/10
    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Suspicious use of SetThreadContext
