General
-
Target
6037995835a785a752639476e649a992_JaffaCakes118
-
Size
946KB
-
Sample
240720-2ch4rayalb
-
MD5
6037995835a785a752639476e649a992
-
SHA1
a37c182ca65dd6a22d76b702268766df9132cdf3
-
SHA256
c0d60354f5ab983f7d3cadc96d2b9b28467524617ab1e9be23d6a705921fc969
-
SHA512
b0f941bd36e6c1810b2e91348cc2b50888f5ca2c3b6335315003f390416eeb277b9c9533f04373cafad06afa192ce81f2c93f37bdf931a9cc3d47d514d05e0fd
-
SSDEEP
12288:e+37m01mnQaRQ6Zirxrq2Eh8xwkl8E4w5huat7UovONzbXw7:e3dNQ6Ae2Eh8tdhHwNzbXk
Static task
static1
Behavioral task
behavioral1
Sample
6037995835a785a752639476e649a992_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
darkcomet
Zombi
ozowarac.no-ip.org:1604
DC_MUTEX-TF3J9AX
-
gencode
7zTW8Ld2Lb3z
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
6037995835a785a752639476e649a992_JaffaCakes118
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-