General
-
Target
JaffaCakes118_574bdfdff36ef931fbc19f3a53776034
-
Size
127KB
-
Sample
250129-qkpqqayqcz
-
MD5
574bdfdff36ef931fbc19f3a53776034
-
SHA1
c10f6bc157f513108e713340b2d8d7923ba9ca50
-
SHA256
b22c86b73dc32c8a0b08d2329d2c80c7ac57e55671753457c70bb2acbf6d6d32
-
SHA512
b531092f19a09bc5cc20d5cc6db7e3cfb057cc8036911e3086f436fb30e2cc463ac16731ddf89d0fe1dd6ea9da38b4519d142e39d5c7d6492854ecebe6520bdb
-
SSDEEP
3072:Z7aVnnvIStWq73hGUmv06+W5/RahJ1jOkVt:Z7aVnnvIStWqz8UmMi5ZAJ1j3
Behavioral task
behavioral1
Sample
JaffaCakes118_574bdfdff36ef931fbc19f3a53776034.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_574bdfdff36ef931fbc19f3a53776034.exe
Resource
win10v2004-20250129-en
Malware Config
Targets
-
Target
JaffaCakes118_574bdfdff36ef931fbc19f3a53776034
-
Score
10/10
-
Gh0st RAT payload
-
Gh0strat family
-
Blocklisted process makes network request
-
Server Software Component: Terminal Services DLL
-
Loads dropped DLL
-
Drops file in System32 directory
-