General
-
Target
JaffaCakes118_59c96a389a72e63281c111c34a586675
-
Size
389KB
-
Sample
250309-sjqyhatwcv
-
MD5
59c96a389a72e63281c111c34a586675
-
SHA1
01491337e17f3a5d98efffb1c6681cbe737b0a5f
-
SHA256
e14b9884aeacf547941c1ad96c7c3f8df48db5611fb307251850acd5841e8c95
-
SHA512
76e5af85e029129f60d823fb306f193ed984afb70776be58ac0362486aa1afe9e503295c23ffc0376cb458978200024760650413d3401d2b0c683149b0280ac2
-
SSDEEP
6144:GzKyM4d88Ll/cvAN/RJDYoYdZcBo1167cBsblKVJqgcj0Oep52am2:GOud8Sl/c6JJDYo0aB26kSIJNObam2
Malware Config
Targets
-
-
Target
JaffaCakes118_59c96a389a72e63281c111c34a586675
-
Size
389KB
-
MD5
59c96a389a72e63281c111c34a586675
-
SHA1
01491337e17f3a5d98efffb1c6681cbe737b0a5f
-
SHA256
e14b9884aeacf547941c1ad96c7c3f8df48db5611fb307251850acd5841e8c95
-
SHA512
76e5af85e029129f60d823fb306f193ed984afb70776be58ac0362486aa1afe9e503295c23ffc0376cb458978200024760650413d3401d2b0c683149b0280ac2
-
SSDEEP
6144:GzKyM4d88Ll/cvAN/RJDYoYdZcBo1167cBsblKVJqgcj0Oep52am2:GOud8Sl/c6JJDYo0aB26kSIJNObam2
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-