General
Target: 1a9bfa306b0ad647be3e18585c7bc3e5_JaffaCakes118
Size: 95KB
Sample: 240701-kesmja1gle
MD5: 1a9bfa306b0ad647be3e18585c7bc3e5
SHA1: 0fc0a292ea1edfebac41f70921406037ae497508
SHA256: 17befabe6d986f5138da0db0880fc7eee03ab8d5931a379bb3b2754aab188109
SHA512: e2753f220a3438b27da169158c5bd1239ade49b4af606279cd356a2cc95f49c0d40e62e7d381fd9e1bb122f2a9168cd2eb87e84d8dea038d2be58c46829cd914
SSDEEP: 1536:3ucFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prXx4+u:3uOS4jHS8q/3nTzePCwNUh4E9hLu
Static task: static1
Behavioral task: behavioral1
Sample: 1a9bfa306b0ad647be3e18585c7bc3e5_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Targets
Target
1a9bfa306b0ad647be3e18585c7bc3e5_JaffaCakes118
Score: 10/10
Gh0st RAT payload
Deletes itself
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory