Overview

overview

10

Static

static

10

JaffaCakes...10.dll

windows7-x64

10

JaffaCakes...10.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_613ed9273883ac361c2a9d0c47b33910

  • Size

    100KB

  • Sample

    250310-zceefsxzcv

  • MD5

    613ed9273883ac361c2a9d0c47b33910

  • SHA1

    41b5120548d2a30941834e80963c3ca206435b1c

  • SHA256

    9a0ac11bbc0bcf59f5bcf3d097613ac94abdf8de32d6dd14e8f32c99dd072433

  • SHA512

    b31a03e97727282c956ade3c9e58e7a8f188457edce90dc7e52d4840e8dbecf739501d9cd1fbc625a1028e0d669c71be09de6c84711370a355a2df68c09bcfe7

  • SSDEEP

    1536:b/3bO2BLcWKDjR2/Wb+9V/1FimN6cKnbfboipP/GclUNEo:7bO2BLchDjr4lDimN6tnrboiplUNEo

Score
10/10
gh0stratdiscoveryrat

Malware Config

Targets

    • Target

      JaffaCakes118_613ed9273883ac361c2a9d0c47b33910

    • Size

      100KB

    • MD5

      613ed9273883ac361c2a9d0c47b33910

    • SHA1

      41b5120548d2a30941834e80963c3ca206435b1c

    • SHA256

      9a0ac11bbc0bcf59f5bcf3d097613ac94abdf8de32d6dd14e8f32c99dd072433

    • SHA512

      b31a03e97727282c956ade3c9e58e7a8f188457edce90dc7e52d4840e8dbecf739501d9cd1fbc625a1028e0d669c71be09de6c84711370a355a2df68c09bcfe7

    • SSDEEP

      1536:b/3bO2BLcWKDjR2/Wb+9V/1FimN6cKnbfboipP/GclUNEo:7bO2BLchDjr4lDimN6tnrboiplUNEo

    Score
    10/10
    gh0stratdiscoveryrat

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) with its source code public and it has been used by multiple Chinese groups.

      ratgh0strat

    • Gh0strat family

      gh0strat
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks