General
-
Target
81398ede98e5ed4a258df4d95167bd2b_JaffaCakes118
-
Size
216KB
-
Sample
241031-cy9fdsypgp
-
MD5
81398ede98e5ed4a258df4d95167bd2b
-
SHA1
450a9ae08404d6509c69c84a432beb61b26b6e69
-
SHA256
e0883b9aee2697bbdddb4705fd68f410cc7b56f54cce62d84d72de77304e84ed
-
SHA512
83dab010024d3062584b28e9bf05418e06525268ababbcc4c281b912b2bde17de7785d308a40fde7f7452b77672d661910d1cc5c0cb2c6da51dd1de18c1b2985
-
SSDEEP
6144:sMIjjpISTju17N7WH41LHpXiLM2vj0HDqCOoeygOgu5k0c:fIj6ST07EYD9u6eygUk
Static task
static1
Behavioral task
behavioral1
Sample
ZZZVMP~1.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
ZZZVMP~1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
ZZZVMP~1.EXE
-
Size
250KB
-
MD5
a5604e31ed5ae25df2dfe72af47d8e15
-
SHA1
930320b599e50305475ba3c77f1c84ce234d4fa4
-
SHA256
edcf12512c0b2cbb1c5680ffd56ea020ac5723e7fcf476272bd20315fa18d6cc
-
SHA512
8d9936e1599ea1748aae0212a1efa5dbb23365c6cfceba8c2a8f47554e4d5ddcddb317bca4c6489a9e824e064a5d5d3fe0448da54e8029952f747c86daa31346
-
SSDEEP
6144:q/kuouETjkfHN7VH4tFHpXmLM2vj0jJNbLoJt0wy0Y6Osh:qJ7ETQHfY1FLoJlnHh
Score
10/10
-
Gh0st RAT payload
-
Gh0strat family
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-