General
Target: 6416e78b9dbe5c49458ab82dee9cd3cd_JaffaCakes118
Size: 1.9MB
Sample: 240722-vyha1sygjj
MD5: 6416e78b9dbe5c49458ab82dee9cd3cd
SHA1: 77a3dbe272c9181c8c0607c98f30b5f68e115e01
SHA256: 776ea59c7b0331ce6251a9b6e0e5c9554b1a2ca2adac6e772fd19afbda034eeb
SHA512: eaa19f7b656e97a2060bdcaf591bc60df103d9499805372e0e77e8b7de8a7e84e30031b4ec432c5b758613e69dcf1201c8a839bd2c8dc2bbdb1599c53768611b
SSDEEP: 49152:sAZGuj5/Uf9+1gi1TeWyv7BttIHlOWdyC+:nj5MohE7BwQ+yC+
Static task: static1
Behavioral task: behavioral1
Sample: 6416e78b9dbe5c49458ab82dee9cd3cd_JaffaCakes118.exe
Resource: win7-20240704-en
Malware Config
Extracted
darkcomet
Guest16
serenitychat.no-ip.biz:27015
DC_MUTEX-RCVU3CF
gencode: dJGhvQ2HimZY
install: false
offline_keylogger: true
persistence: false
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE