Overview

overview

10

Static

static

10

JaffaCakes...87.exe

windows7-x64

10

JaffaCakes...87.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_4ec1d1a2b95f574f8331d40a08c37b87

  • Size

    173KB

  • Sample

    250304-v8mngsxjs2

  • MD5

    4ec1d1a2b95f574f8331d40a08c37b87

  • SHA1

    b438fa26f1609a92f5564516db3c9536a247d53f

  • SHA256

    88cc1f2d0743500d0194092a1da17c0e0c8bbd3d81eb219d2401c411563a7bab

  • SHA512

    a2b7691f3719c243c642f5899c571a1380289dcadd6bed083a492565e4a10f8cef97273f6d05ca04709d412ac6e2c1cc128de23a3f852ab4e5e23677f0a08ea5

  • SSDEEP

    3072:dM7MqKqra33OGctg9gqQhCy6tip5+PDMKWJLxqsG0rY6Ew3SS0SI:d1qKqra3cXCyZH+7M/TqTL6Ew3SS+

Score
10/10
gh0stratdiscoveryrat

Malware Config

Targets

    • Target

      JaffaCakes118_4ec1d1a2b95f574f8331d40a08c37b87

    • Size

      173KB

    • MD5

      4ec1d1a2b95f574f8331d40a08c37b87

    • SHA1

      b438fa26f1609a92f5564516db3c9536a247d53f

    • SHA256

      88cc1f2d0743500d0194092a1da17c0e0c8bbd3d81eb219d2401c411563a7bab

    • SHA512

      a2b7691f3719c243c642f5899c571a1380289dcadd6bed083a492565e4a10f8cef97273f6d05ca04709d412ac6e2c1cc128de23a3f852ab4e5e23677f0a08ea5

    • SSDEEP

      3072:dM7MqKqra33OGctg9gqQhCy6tip5+PDMKWJLxqsG0rY6Ew3SS0SI:d1qKqra3cXCyZH+7M/TqTL6Ew3SS+

    Score
    10/10
    gh0stratdiscoveryrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Gh0strat family

      gh0strat

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks