General

  • Target

    JaffaCakes118_3d228410692c822d310129170ea7dd75

  • Size

    114KB

  • Sample

    250127-h17x8sykal

  • MD5

    3d228410692c822d310129170ea7dd75

  • SHA1

    66f4198ccb55009f4572655d6811ad349ba9ba11

  • SHA256

    fb2027742ff3f9352704b03921bf99760aaeade43fcea06f2d948623e0575fdd

  • SHA512

    27e98d83a3b02c869abc57a16fb2654a47b069ca04c5b64c6679775621017cf5488e17d2e0216a3e6c9b75b7c459a32bf05d509bc4b2d0987b7889852c6e9eda

  • SSDEEP

    3072:Ifvjm8gSUv8H4oXPp8wrOP/feQ7PKPPWr0wISCVUI:kvjmkUv8Yo76eQTcw0wPjI

Score
10/10

Targets

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family
