General
-
Target
897bac2ec0b4a05efa4cb40c86308325_JaffaCakes118
-
Size
526KB
-
Sample
240811-h4z2sszfqk
-
MD5
897bac2ec0b4a05efa4cb40c86308325
-
SHA1
84c835b97e27f9b3960a585290fa48456785eaf8
-
SHA256
7692e809bada2d60b1c696836268a1fca2cadb7aca9d455d2425968307f0beb7
-
SHA512
1a768a73eccfcb8f32a7854e242ce331b531d5623ad2e0dfbd059bacc98232f90da080d80fa0f19268f1e75288f8619a9ea25c8a8ca6f4093ce194b1294bb30f
-
SSDEEP
6144:lOKu7aMfaoa1tNVzgbJuUGvhV6uWCxhFSB5K:lPu7aj1tNrlhVDDhFSB5
Static task
static1
Behavioral task
behavioral1
Sample
897bac2ec0b4a05efa4cb40c86308325_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-PDCTFY1
-
gencode
14ztnvlhgltf
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
897bac2ec0b4a05efa4cb40c86308325_JaffaCakes118
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-