General
Target: 128963528e6cb03078ef9f584e946bd4_JaffaCakes118
Size: 620KB
Sample: 240626-taa2csthkn
MD5: 128963528e6cb03078ef9f584e946bd4
SHA1: cbce6617606da167fdf40a390d9e75dc55cdc97e
SHA256: 167f6c3cd08077a0a1f86513e84c27ae0f39d8b2f1bd1b2833e330465de0388c
SHA512: 1239513f028948a35b577d30f5f354b6338f9a494d1e2aca84b0644fd262de34afaf1b6658b3294e821ee4da0b9035b3eeb6d8522eab3399321ceb4d6ca7b995
SSDEEP: 12288:JTmbU0MBAUZB0igu6G/KdM9h2418lbkCZuoYYsK5yxXvX7L35yxXvX7L:JQUX0iA8Ko2wwgztYsAMDLpMDL
Static task: static1
Behavioral task: behavioral1
Sample: 128963528e6cb03078ef9f584e946bd4_JaffaCakes118.exe
Resource: win7-20240611-en
Malware Config
Extracted
darkcomet
lozpe
lozpers.no-ip.biz:1604
DC_MUTEX-0AY9FAN
gencode: h5i5JEJmPirH
install: false
offline_keylogger: true
persistence: false
Targets
-
-
Target
128963528e6cb03078ef9f584e946bd4_JaffaCakes118
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-