General
Target: 7ca08682ca6d9a60cdb68190196b644e_JaffaCakes118
Size: 1.5MB
Sample: 240528-mg7kksgf72
MD5: 7ca08682ca6d9a60cdb68190196b644e
SHA1: 224ef3c5376281b7aed832cfe0a07b3d88e94634
SHA256: 763bd57d8dec6366174644ca1e92f974f895c3c995900068b1b1e013c00c2bec
SHA512: 43fac1261f7a3008435fb17c1fdc85a45d263907a433c3feec8690e41da2dac316a18e04f4b349b37eee5b7c072f29dd115d786ef41b3380584b682da5aecee1
SSDEEP: 24576:GiEYxyUt70b7sTJb0HxP7kOw17mjIpn2KwJfV97:1V00p0RP75o6jUnxcfH7
Static task: static1
Behavioral task: behavioral1
Sample: 7ca08682ca6d9a60cdb68190196b644e_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 7ca08682ca6d9a60cdb68190196b644e_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral3
Sample: file.exe
Resource: win7-20240508-en
Malware Config
Extracted
darkcomet
hacked
sulumanco.duckdns.org:4000
DCMIN_MUTEX-5JGPC4U
gencode: PSXl8AA8UgHs
install: false
offline_keylogger: true
persistence: false
Targets
Target: 7ca08682ca6d9a60cdb68190196b644e_JaffaCakes118
Executes dropped EXE
Loads dropped DLL
AutoIT Executable
AutoIT scripts compiled to PE executables.
Target: file.exe
Size: 1.6MB
MD5: e3603e6b91428087eb12338246595774
SHA1: 81a184ffb1dbd62a7ecf555ab53d820be7bda8af
SHA256: 5c583a1d407073f8db55e5facd87a7cfb476b8ec1df2b04d516320c749be985d
SHA512: 16e3a3db42b93b227f7815d5b6a6e06df43556fb0262f993d9e3126803f4f1ce8af7b982c4c805136208a5a2352ed79c70bf8c412194e6e73ccc0caa11814b10
SSDEEP: 24576:+Cdxte/80jYLT3U1jfsWaDJ04dZLqgEYdCyX609yh4Or0tD6yqueQ:Xw80cTsjkWaDuNO4yXJSDQtm4