Overview

overview

10

Static

static

3

JaffaCakes...bd.dll

windows7-x64

10

JaffaCakes...bd.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_596136904d793492789bbb7868d235bd

  • Size

    46KB

  • Sample

    250129-vstrvstnh1

  • MD5

    596136904d793492789bbb7868d235bd

  • SHA1

    f1d83180801b181fc11b67d374cf6a60c7f51512

  • SHA256

    7dde1d6fdcb309eed2ed548752a9e0c28e5c6d895e7febed28c5613fa7e0ba85

  • SHA512

    8dc3c73206086502657221f245b825a0845ce5d28721aa0f966ef335d8276c1046b8fa64a39235ebc3137ee7ba7f40c1cb3f0920011836e4d4bce4136a03e66f

  • SSDEEP

    768:MInKkJI9YSRbv1lHEiovqhC0soO+5ksH8T+AEbeAgedCIOfD/nrz5lx2BEn1b7N9:tKkJMvRbv1miXMcj8LAgdVfD/rtGEtNK

Score
10/10
gh0stratdiscoveryrat

Malware Config

Targets

    • Target

      JaffaCakes118_596136904d793492789bbb7868d235bd

    • Size

      46KB

    • MD5

      596136904d793492789bbb7868d235bd

    • SHA1

      f1d83180801b181fc11b67d374cf6a60c7f51512

    • SHA256

      7dde1d6fdcb309eed2ed548752a9e0c28e5c6d895e7febed28c5613fa7e0ba85

    • SHA512

      8dc3c73206086502657221f245b825a0845ce5d28721aa0f966ef335d8276c1046b8fa64a39235ebc3137ee7ba7f40c1cb3f0920011836e4d4bce4136a03e66f

    • SSDEEP

      768:MInKkJI9YSRbv1lHEiovqhC0soO+5ksH8T+AEbeAgedCIOfD/nrz5lx2BEn1b7N9:tKkJMvRbv1miXMcj8LAgdVfD/rtGEtNK

    Score
    10/10
    gh0stratdiscoveryrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Gh0strat family

      gh0strat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks