General
-
Target
JaffaCakes118_449f46a89b69413481670d6139f113a4
-
Size
197KB
-
Sample
250127-3c23aszkgk
-
MD5
449f46a89b69413481670d6139f113a4
-
SHA1
c18b6bfdc25cdb96485e01fe7c4001b95c636714
-
SHA256
12611f1a00199c0c42390a3aa760633cddf25de3b691e8f1c3050f3d525e1f71
-
SHA512
e972ba878a6d6cca45eab01ca1fb7bc6b0acb8809f36588c29cc5ce3c1af4ebface23020772a800628bba766ae0a4ba9cc02f1da65df069c55df2ff31f20b371
-
SSDEEP
6144:oOVLnWFcOFtsFkVRTl0QdTmNPPYhLUgP4:o8LWFd+kV1KIo+74
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_449f46a89b69413481670d6139f113a4.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
JaffaCakes118_449f46a89b69413481670d6139f113a4
-
Gh0st RAT payload
-
Gh0strat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-