General
-
Target
7b7e6897d405f41094508551477206c4_JaffaCakes118
-
Size
728KB
-
Sample
240731-grlg7szejl
-
MD5
7b7e6897d405f41094508551477206c4
-
SHA1
72368a864f7a5df7f694faecf78eba52a4d24a46
-
SHA256
a858651b8cd66f203193a8cddc4163d6a0cf75afab7b4c5a6a554588295e9142
-
SHA512
e5bed87dc39dec0cd8d847987cf1b5c6e63e3098cc5df9df8a58b56fb94f4d3925615585f71c755a30c468ffff18bcb4a639c6c50ca4b298452ac65f7e10776d
-
SSDEEP
12288:jHMlozJlUnRmBTW9AVBp25nW3XxNeASo631QQqq+4xx9C+0MGc0fw5n4x7D9A:jHjlU4B/VHMWnqkKZcZ/DO
Static task
static1
Behavioral task
behavioral1
Sample
7b7e6897d405f41094508551477206c4_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Extracted
darkcomet
Guest16
darkcon.zapto.org:512
DC_MUTEX-F54S21D
-
gencode
EyfM4iNxatbr
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
7b7e6897d405f41094508551477206c4_JaffaCakes118
-
Size
728KB
-
MD5
7b7e6897d405f41094508551477206c4
-
SHA1
72368a864f7a5df7f694faecf78eba52a4d24a46
-
SHA256
a858651b8cd66f203193a8cddc4163d6a0cf75afab7b4c5a6a554588295e9142
-
SHA512
e5bed87dc39dec0cd8d847987cf1b5c6e63e3098cc5df9df8a58b56fb94f4d3925615585f71c755a30c468ffff18bcb4a639c6c50ca4b298452ac65f7e10776d
-
SSDEEP
12288:jHMlozJlUnRmBTW9AVBp25nW3XxNeASo631QQqq+4xx9C+0MGc0fw5n4x7D9A:jHjlU4B/VHMWnqkKZcZ/DO
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-