Overview

overview

10

Static

static

10

JaffaCakes...9d.dll

windows7-x64

10

JaffaCakes...9d.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_472b916721522110d54ea49b39b7a79d

  • Size

    95KB

  • Sample

    250303-p8r1baylw5

  • MD5

    472b916721522110d54ea49b39b7a79d

  • SHA1

    ec406584487685f59df4367a77a936b3fe188e60

  • SHA256

    de5ae5c16090c8ad3e8218e1da62b8881266ba30f3546af6a67616e0573136f5

  • SHA512

    206b46584f8d7f06aa47c79b329ea214ade9d3a1fddaabfad884cd98d6dd0ff23470b0069f0560eb5f936cf870ce90d720db37e30230bff43c0d1dcaa90a7182

  • SSDEEP

    1536:dSD+a8vQOz2WqEFBTSeIjmoNEcsoMNfBYKiSmgP1uYwbE7ymJ1e15I/:S+mOz2WqWZIyKEjoM1BYKCgduYwbE7y+

Score
10/10
gh0stratdiscoveryrat

Malware Config

Targets

    • Target

      JaffaCakes118_472b916721522110d54ea49b39b7a79d

    • Size

      95KB

    • MD5

      472b916721522110d54ea49b39b7a79d

    • SHA1

      ec406584487685f59df4367a77a936b3fe188e60

    • SHA256

      de5ae5c16090c8ad3e8218e1da62b8881266ba30f3546af6a67616e0573136f5

    • SHA512

      206b46584f8d7f06aa47c79b329ea214ade9d3a1fddaabfad884cd98d6dd0ff23470b0069f0560eb5f936cf870ce90d720db37e30230bff43c0d1dcaa90a7182

    • SSDEEP

      1536:dSD+a8vQOz2WqEFBTSeIjmoNEcsoMNfBYKiSmgP1uYwbE7ymJ1e15I/:S+mOz2WqWZIyKEjoM1BYKCgduYwbE7y+

    Score
    10/10
    gh0stratdiscoveryrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Gh0strat family

      gh0strat

    • Drops file in Drivers directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks