General
Target: 821b3009a88f0b2da8645e0f4304f6ab_JaffaCakes118
Size: 160KB
Sample: 241031-hlsvrstqbk
MD5: 821b3009a88f0b2da8645e0f4304f6ab
SHA1: fc17044f8a71470d4cd61c4edb9aa3f1bb617e53
SHA256: 9f87c3aaf968b58415b5e794a849ea813785a0868ffcb12b14e45df2d3803c49
SHA512: d3330b82ea4f90acd7d486ed3ba2d19c2887b08df2162f035beba57080b741fb59d016a3193eecb6faed38f000cc52f225bde9ca464089a47f0ef89877c8a662
SSDEEP: 3072:MLNgGaPdgermWP2U8udJSl7BHlomNTAejk:EgGYdi+quT0BHWwe
Behavioral task: behavioral1
Sample: 821b3009a88f0b2da8645e0f4304f6ab_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 821b3009a88f0b2da8645e0f4304f6ab_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 821b3009a88f0b2da8645e0f4304f6ab_JaffaCakes118
Score: 10/10
Gh0st RAT payload
Gh0strat family
Deletes itself
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
Drops file in System32 directory