General
-
Target
JaffaCakes118_5688f5c8046aaa5b9c4f0e1d71e6e78b
-
Size
148KB
-
Sample
250306-qrsqysy1cs
-
MD5
5688f5c8046aaa5b9c4f0e1d71e6e78b
-
SHA1
13cb3470c8469063c54fc763960cc97d73a8ffcf
-
SHA256
2f0d3ddfc455c78def12192e6b9708562a2640a4e19096411552d2c1ab2222f2
-
SHA512
2019900d341d5256a9fbb74c2652e2100266b743192ad568258e98f16a77b147a7b13f0a8670a9998edf09889fc9aa024e66356baa2a6f79d6a91907c07dd279
-
SSDEEP
3072:dcOqt/4opDQkdDIdlyA06726bwtTBftIihnk:dcOqnJcJ06q6bwtTBl3hn
Malware Config
Targets
-
-
Target
JaffaCakes118_5688f5c8046aaa5b9c4f0e1d71e6e78b
-
Size
148KB
-
MD5
5688f5c8046aaa5b9c4f0e1d71e6e78b
-
SHA1
13cb3470c8469063c54fc763960cc97d73a8ffcf
-
SHA256
2f0d3ddfc455c78def12192e6b9708562a2640a4e19096411552d2c1ab2222f2
-
SHA512
2019900d341d5256a9fbb74c2652e2100266b743192ad568258e98f16a77b147a7b13f0a8670a9998edf09889fc9aa024e66356baa2a6f79d6a91907c07dd279
-
SSDEEP
3072:dcOqt/4opDQkdDIdlyA06726bwtTBftIihnk:dcOqnJcJ06q6bwtTBl3hn
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
Drops file in System32 directory
-