General
Target: 6167ef56e2d65f200e34f98edd16476c_JaffaCakes118
Size: 756KB
Sample: 240521-afa4rscd3v
MD5: 6167ef56e2d65f200e34f98edd16476c
SHA1: be92e11e579604770fd3c7bbff2eb54872267299
SHA256: f1232a3ce1b7fb19e7c5d24c85dc422ff3114dd74bc40d4095c31f2c55f51949
SHA512: fc1bf9224c804fb01dc2e5c8dc9a1a221a6982f90f9179e234ade790fad0f1a4f9ea4233d627bd6f71efae7d829182071458542326b440b9e758d349ce27bfdd
SSDEEP: 12288:F9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hj:PZ1xuVVjfFoynPaVBUR8f+kN10EBx
Behavioral task
behavioral1
Sample: 6167ef56e2d65f200e34f98edd16476c_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Extracted
darkcomet
Guest16
zozorf.hopto.org:1604
DC_MUTEX-XNRMK5M
gencode: gFFxV3kBcDyT
install: false
offline_keylogger: true
persistence: false
Targets
-
-
Target
6167ef56e2d65f200e34f98edd16476c_JaffaCakes118
-
Disables Task Manager via registry modification
-