General
-
Target
JaffaCakes118_45fd681eaf9789b7a074a014a1a48b01
-
Size
96KB
-
Sample
250128-c1r9wstrbz
-
MD5
45fd681eaf9789b7a074a014a1a48b01
-
SHA1
04f411ced4b1b89d195ceec7a5a29405c9c20115
-
SHA256
63c6e42f1be316c70d5e1b0887adb5ee2c9bffc3f48487ed21f8a170b20b1874
-
SHA512
de1a4b73af1e1befac7e9e0647660dd4b8495c4cd7350c63e187d8db3f47e688e6ffc83cd8e09f19b85094008444513de73ea5cd498314035ddc7e81f6dbeea2
-
SSDEEP
1536:TbFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prliXc20YA:TVS4jHS8q/3nTzePCwNUh4E9lMc2fA
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_45fd681eaf9789b7a074a014a1a48b01.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
JaffaCakes118_45fd681eaf9789b7a074a014a1a48b01
-
Score
10/10
-
Gh0st RAT payload
-
Gh0strat family
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-