General

  • Target

    JaffaCakes118_450e05e8a9203f3fa50befc8d3456932

  • Size

    96KB

  • Sample

    250128-as48da1ncn

  • MD5

    450e05e8a9203f3fa50befc8d3456932

  • SHA1

    5f58d4d2e71491633c9b0c5ce8af7acd5c2450e5

  • SHA256

    f587c51ec5bcc0672e3f8669a51454232ed3970f5d54b950b7e7acf57013db4d

  • SHA512

    b6536d241ec35d8b5447ee4b683c74730e2c68bfbfea1f722a6a94af40d5672819c6ecba9c69d65a44f5b48a972e2210bf173123b1d46aaee07461a45b56bff5

  • SSDEEP

    3072:tOenRv+dbhg4W2C3ZPf8MBMeCyrkCPEMhUzU:wenRvWhg4janXv/E21

Score
10/10

Malware Config

Targets

    • Target

      JaffaCakes118_450e05e8a9203f3fa50befc8d3456932

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks