General
-
Target
12afa41586011ca7da4c854e5aa25e20_JaffaCakes118
-
Size
1.8MB
-
Sample
240626-t9kpvataqh
-
MD5
12afa41586011ca7da4c854e5aa25e20
-
SHA1
5d39239559226d86bb42c95ee7e488e898782328
-
SHA256
225a79b6670f27da254a019a4111693edab9a1198148c303690089f467413ba1
-
SHA512
d85baa4d8a1ec8c01cbb390d78ac8bc8fab2ebc533aaa1f82f7400c2660c708483a569725224007759443e63a98627b516d82175283eed2822196e5d6bc0e6be
-
SSDEEP
49152:8oVAFnZq6c0zRnxGXKvGEDyY6vMpl6HuK9mxuQx:8zjqqo6GEDBpEOK9M
Static task
static1
Behavioral task
behavioral1
Sample
12afa41586011ca7da4c854e5aa25e20_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
darkcomet

nnns.zapto.org:4433
DC_MUTEX-Q2XZ4M3
-
gencode
N6RGFjbT4YgW
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
12afa41586011ca7da4c854e5aa25e20_JaffaCakes118
-
Drops file in Drivers directory
-
Suspicious use of SetThreadContext
-