General
-
Target
7c0653f0b9c43c5a347d8e1c5e056882_JaffaCakes118
-
Size
649KB
-
Sample
240731-mekyssxhqj
-
MD5
7c0653f0b9c43c5a347d8e1c5e056882
-
SHA1
08933d7f579100faf8f99035adf0c1dc1f9ffd38
-
SHA256
8c0f9626da6375c3e25279d8abae422bbb51d4e1316c8ec6539b4a8a9e7b4981
-
SHA512
13284fd06e0297785e6d01e010789dbdd6be2b7b9758c473a0116edf36e3dbda6e910dfa1e4104593c77c29ada0f8b000fb1ace64ce8b601220f56e536dcc4b2
-
SSDEEP
12288:lk0QNlxOnizg37k4LUSd0rv5WvYW5HMzLXj9pqQd7cqESAYi991fA/aVG:G0QpGih4bd0rv5+l5szLXj917cqPu912
Behavioral task
behavioral1
Sample
7c0653f0b9c43c5a347d8e1c5e056882_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
darkcomet
server
discountitems.zapto.org:1604
DC_MUTEX-F54S21D
-
gencode
SLfiC1K4TDpV
-
install
false
-
offline_keylogger
true
-
persistence
false
Extracted
latentbot
discountitems.zapto.org
Targets
-
-
Target
7c0653f0b9c43c5a347d8e1c5e056882_JaffaCakes118
-
Size
649KB
-
MD5
7c0653f0b9c43c5a347d8e1c5e056882
-
SHA1
08933d7f579100faf8f99035adf0c1dc1f9ffd38
-
SHA256
8c0f9626da6375c3e25279d8abae422bbb51d4e1316c8ec6539b4a8a9e7b4981
-
SHA512
13284fd06e0297785e6d01e010789dbdd6be2b7b9758c473a0116edf36e3dbda6e910dfa1e4104593c77c29ada0f8b000fb1ace64ce8b601220f56e536dcc4b2
-
SSDEEP
12288:lk0QNlxOnizg37k4LUSd0rv5WvYW5HMzLXj9pqQd7cqESAYi991fA/aVG:G0QpGih4bd0rv5+l5szLXj917cqPu912
-
Modifies firewall policy service
-