General
-
Target
9a10fd9402f430eaf52a7dbb562997c9_JaffaCakes118
-
Size
658KB
-
Sample
240606-gca3xshg2v
-
MD5
9a10fd9402f430eaf52a7dbb562997c9
-
SHA1
7c2978c9229eb9b1a85235d164d002f84e99f005
-
SHA256
56b237b519bf0ff53cde47321e1420800ef7f8d1f29739e8137db59050837d56
-
SHA512
e8d3d11dd79bef2beaa2acc69198b5089b402fbbb1397db8a54995cb6bdea8b970c78376c77ca6810ab68bb1bf282eae34f8d6f22959952ab853aa9691602080
-
SSDEEP
12288:u9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFJ:6iBIGkbxqEcjsWiDxguehC2SK
Behavioral task
behavioral1
Sample
9a10fd9402f430eaf52a7dbb562997c9_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
darkcomet
Guest16
agamon888.hopto.org:1604
DC_MUTEX-15WRC0Z
-
gencode
NnWs4Qut2Lls
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
9a10fd9402f430eaf52a7dbb562997c9_JaffaCakes118
-
Modifies firewall policy service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-