General
-
Target
JaffaCakes118_5cc5ce0551c3d69592fee469332f2abd
-
Size
435KB
-
Sample
250310-dt1s5a1nv5
-
MD5
5cc5ce0551c3d69592fee469332f2abd
-
SHA1
7d3aabd696f32fffe8594f43cf3dab2546b2dffb
-
SHA256
cf2fb5cf282157f8494747c0e2caf9976df207fc6e0d52937b2b8105d5d7218b
-
SHA512
856697d18e675ed1e9c6692e957181820d588dfec688ecda9753e2ae1d7500e1361d9537a57e14ad22e5e80d6e6462134b7a40a86c67606b492361e6fc1f6844
-
SSDEEP
6144:wGzRxSVtp0l6whGfsKR+zkBpTaa5tJHYt4Z4g:Dt0VPFfsKAkrbPlYG+g
Malware Config
Targets
-
-
Target
JaffaCakes118_5cc5ce0551c3d69592fee469332f2abd
-
Size
435KB
-
MD5
5cc5ce0551c3d69592fee469332f2abd
-
SHA1
7d3aabd696f32fffe8594f43cf3dab2546b2dffb
-
SHA256
cf2fb5cf282157f8494747c0e2caf9976df207fc6e0d52937b2b8105d5d7218b
-
SHA512
856697d18e675ed1e9c6692e957181820d588dfec688ecda9753e2ae1d7500e1361d9537a57e14ad22e5e80d6e6462134b7a40a86c67606b492361e6fc1f6844
-
SSDEEP
6144:wGzRxSVtp0l6whGfsKR+zkBpTaa5tJHYt4Z4g:Dt0VPFfsKAkrbPlYG+g
Score10/10-
Gh0st RAT payload
-
Gh0strat
Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.
-
Gh0strat family
-
Executes dropped EXE
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-