Overview

overview

10

Static

static

7

JaffaCakes...a1.exe

windows7-x64

10

JaffaCakes...a1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_42d8a025f1893086585c7149dd046da1

  • Size

    81KB

  • Sample

    250302-1sxfmswqw7

  • MD5

    42d8a025f1893086585c7149dd046da1

  • SHA1

    918dcfc5b8d1b264e73a99fec96cd40eb235e3bd

  • SHA256

    a29486b2fa4a8d191f1781fd96e763780849f1662c7f7bfd0132908247f4d3d5

  • SHA512

    30657f398d531808c93af2685d2730f8a8278dfdea613c5134e841cc22e4dd703689649aacace08c3883ce05f5b70e8ba2483374baabb060ba9ac110930cb20c

  • SSDEEP

    1536:ziImDfFv7yMzWMGS1+x/E+3VX4utoW9YksvPH8ymQkNkfkxp:ziIUvHhGSc6+vSP8yGNkW

Score
10/10
gh0stratdiscoveryratvmprotect

Malware Config

Targets

    • Target

      JaffaCakes118_42d8a025f1893086585c7149dd046da1

    • Size

      81KB

    • MD5

      42d8a025f1893086585c7149dd046da1

    • SHA1

      918dcfc5b8d1b264e73a99fec96cd40eb235e3bd

    • SHA256

      a29486b2fa4a8d191f1781fd96e763780849f1662c7f7bfd0132908247f4d3d5

    • SHA512

      30657f398d531808c93af2685d2730f8a8278dfdea613c5134e841cc22e4dd703689649aacace08c3883ce05f5b70e8ba2483374baabb060ba9ac110930cb20c

    • SSDEEP

      1536:ziImDfFv7yMzWMGS1+x/E+3VX4utoW9YksvPH8ymQkNkfkxp:ziIUvHhGSc6+vSP8yGNkW

    Score
    10/10
    gh0stratdiscoveryratvmprotect

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Gh0strat family

      gh0strat

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks