General

  • Target

    81a67bf2a59b953f9c0f0204b2e1f3a8_JaffaCakes118

  • Size

    197KB

  • Sample

    241031-e5mlbazhnr

  • MD5

    81a67bf2a59b953f9c0f0204b2e1f3a8

  • SHA1

    a680768c148b963a6b605f3ee53a1db7b77a5e4f

  • SHA256

    21d3aab64f92f25bdfa45d4fae4d292bef24b086797099bed54e9d13fcfd11a6

  • SHA512

    2ff6b45b26db7665ce46b024aa6c2b1db14826bf9a83440ebef194f537fb0b9358a2e85b50d3df703bc9c63096ec1ba5caa49cd8d034eec01f80a7810fd26074

  • SSDEEP

    6144:nOVLnWFcxFtsFkVRTl0QdTmNPPYhnUeqP4:n8LWFc+kV1KIo+PY4

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

    • Loads dropped DLL
