General
-
Target
56a5b0a28bb4b14956977dfe6def40a9_JaffaCakes118
-
Size
6.5MB
-
Sample
240718-kskh3s1dqr
-
MD5
56a5b0a28bb4b14956977dfe6def40a9
-
SHA1
59095e7afd64c91cc8f6d8a9eed3230d960f361e
-
SHA256
24c7ce219369223dada0233930938d06b805f45b7062fdcbc1bcef643a337b8d
-
SHA512
dd7803df4fd0b874b7239b28ff789b1e61fe3c62aab82a8c86489c4db3982bfebc371a5519412551a70996bffbd8e9d75ffcde0522229854e7431a21ea9a4d05
-
SSDEEP
196608:+ohfVGzTVG5ymVr66MJblv/FkYiJqr5UH:Nf+TVG5xrVMJhv/bxu
Static task
static1
Behavioral task
behavioral1
Sample
56a5b0a28bb4b14956977dfe6def40a9_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
56a5b0a28bb4b14956977dfe6def40a9_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
56a5b0a28bb4b14956977dfe6def40a9_JaffaCakes118
-
Size
6.5MB
-
MD5
56a5b0a28bb4b14956977dfe6def40a9
-
SHA1
59095e7afd64c91cc8f6d8a9eed3230d960f361e
-
SHA256
24c7ce219369223dada0233930938d06b805f45b7062fdcbc1bcef643a337b8d
-
SHA512
dd7803df4fd0b874b7239b28ff789b1e61fe3c62aab82a8c86489c4db3982bfebc371a5519412551a70996bffbd8e9d75ffcde0522229854e7431a21ea9a4d05
-
SSDEEP
196608:+ohfVGzTVG5ymVr66MJblv/FkYiJqr5UH:Nf+TVG5xrVMJhv/bxu
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-