General

  • Target

    1b16b12d3173fc7d9e367af488934fb4_JaffaCakes118

  • Size

    658KB

  • MD5

    1b16b12d3173fc7d9e367af488934fb4

  • SHA1

    fae4f74602773f66ae574e5adedb43fff66c28d6

  • SHA256

    f596cc3ee3d53376fc24f363d50c51210e381c8d60f02ebc08f56681afd72ea6

  • SHA512

    c5460ad9f848c5442aa5b36ef988c5c4d4d318cbe4dde3d34f4485060950a95f38233b5ceef7dffb62ba738ecd8c0a6ea51c99cfd699307d8b629717d0925c7f

  • SSDEEP

    12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h/:WZ1xuVVjfFoynPaVBUR8f+kN10EB5

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

95.215.254.97:1604

Mutex

DC_MUTEX-5F4P2ZS

Attributes
  • gencode

    CHwp4Gq604H6

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1b16b12d3173fc7d9e367af488934fb4_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e5b4359a3773764a372173074ae9b6bd


    Headers

    Imports

    Sections