gh0strat | 2e8a6d8e3f5e6fe16ba30fade1d097383fd8a408bd87220ed386ac61b3b7e79e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

JaffaCakes...c2.dll

windows7-x64

JaffaCakes...c2.dll

windows10-2004-x64

Resubmissions

28/02/2025, 07:53

250228-jq9jrawmv9 10

28/02/2025, 07:46

250228-jl5p1awlw9 10

Sharing

General

Target

JaffaCakes118_3293e67122b2a0f8bcdfb4bbc6576ac2
Size

107KB
Sample

250228-jl5p1awlw9
MD5

3293e67122b2a0f8bcdfb4bbc6576ac2
SHA1

bf3b11eca3ef68b591755febec08b189a27cf691
SHA256

2e8a6d8e3f5e6fe16ba30fade1d097383fd8a408bd87220ed386ac61b3b7e79e
SHA512

67d7b102077fe0f20ba502d45da7ec428322b9d0829e278483bd36ddfad925a2903c25c1bcc008954a4cd9b0eda68d7d1987edd2c1e022dbf1c7e813cce56c14
SSDEEP

1536:DbAJjSaBsyZ++i5FyV6pxPpzUsLSpc6P2fcOi1jToKAoSwzkK8:DbAJjS4lUZga5SppPgcOidToKAoSwQK8

Score

10^/10

gh0strat discovery rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_3293e67122b2a0f8bcdfb4bbc6576ac2.dll

Resource

win7-20241010-en

gh0strat discovery rat

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_3293e67122b2a0f8bcdfb4bbc6576ac2.dll

Resource

win10v2004-20250217-en

gh0strat discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_3293e67122b2a0f8bcdfb4bbc6576ac2
- Size
  
  107KB
- MD5
  
  3293e67122b2a0f8bcdfb4bbc6576ac2
- SHA1
  
  bf3b11eca3ef68b591755febec08b189a27cf691
- SHA256
  
  2e8a6d8e3f5e6fe16ba30fade1d097383fd8a408bd87220ed386ac61b3b7e79e
- SHA512
  
  67d7b102077fe0f20ba502d45da7ec428322b9d0829e278483bd36ddfad925a2903c25c1bcc008954a4cd9b0eda68d7d1987edd2c1e022dbf1c7e813cce56c14
- SSDEEP
  
  1536:DbAJjSaBsyZ++i5FyV6pxPpzUsLSpc6P2fcOi1jToKAoSwzkK8:DbAJjS4lUZga5SppPgcOidToKAoSwQK8
Score

10^/10

gh0strat discovery rat
- Gh0st RAT payload
- Gh0strat
  Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
  rat gh0strat
- Gh0strat family
  gh0strat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gh0stratdiscoveryrat

behavioral2

gh0stratdiscoveryrat

© 2018-2025

Terms | Privacy