General
-
Target
6dda9f5d7b8f67fb71b550bbb8355792_JaffaCakes118
-
Size
1.1MB
-
Sample
240725-dctcqaxdkg
-
MD5
6dda9f5d7b8f67fb71b550bbb8355792
-
SHA1
9038bd72db95b4bc6f8c65753e93fa23f7c6e4b4
-
SHA256
36d0f347d19ccdaffb41c32ca02a5a98aebfa7a18f8c6f7b2130198e8dd0e336
-
SHA512
d31d635bb72042a508673bea44759eb0ee004d71d320c3688561ca6ac516a4bb1bdb9e37d28a972c87762eb412a4419f10920f7472d5c758cc36470d0987b1f0
-
SSDEEP
24576:WqWI5cDWz5yBHuU+biiIXOxPg1tbj4baouQL:PNlyYfGiIk6tYeouQL
Behavioral task
behavioral1
Sample
6dda9f5d7b8f67fb71b550bbb8355792_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
darkcomet
Guest16
love88.no-ip.biz:1604
DC_MUTEX-9SX27TM
-
gencode
iAeRJXlNcXbK
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
6dda9f5d7b8f67fb71b550bbb8355792_JaffaCakes118
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-