General
Target: 8ba73e50e6ade28e72f395b398fb74c3_JaffaCakes118
Size: 450KB
Sample: 240811-x265natfjk
MD5: 8ba73e50e6ade28e72f395b398fb74c3
SHA1: b2d76baf1d3fa2e195866a1775c366bdee1704cb
SHA256: 6bb1cd6bd59c60ecf98964c5d916d058724e684e6acf53e4094191af6df0f3be
SHA512: afc7465a3cb3022c12d5a8532eb462ec42661f7f4371afbdb9cc287e82ac847b6f29a4a1b187fcbdb9ff825dce6b88b970b630143bdfdf5db94a8fe4917a3752
SSDEEP: 12288:qzoKMqSPFnu2wr0B/o6r3f9AfXiyliZOi8:FKMqqdurIB/93f7y8Qi
Static task: static1
Behavioral task: behavioral1
Sample: 8ba73e50e6ade28e72f395b398fb74c3_JaffaCakes118.exe
Resource: win7-20240729-en
Malware Config
Extracted
darkcomet
Guest16
qaz3.no-ip.info:81
DC_MUTEX-H49DYYJ
InstallPath: MSDCSC\msdcsc.exe
gencode: NWSuYEBfbuDN
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Targets
Target: 8ba73e50e6ade28e72f395b398fb74c3_JaffaCakes118
Suspicious use of SetThreadContext