General

  • Target

    8d791801fa078e4e1e806d295da56aa4_JaffaCakes118

  • Size

    735KB

  • MD5

    8d791801fa078e4e1e806d295da56aa4

  • SHA1

    4aaaee757b6e9d07d511c951ede98e86c2344595

  • SHA256

    90dca261cdf62cf57388f0ec53862f52177fcd89cd258caf57f738659f617e13

  • SHA512

    9534fc3e1a98c7eb95af43ecd7d26c9831c7c325b81269c44257fcb27fd309b996717affd7cf884eb6771fd65d0db1a63a91cd4b659414dd77b9136b5c8ada03

  • SSDEEP

    12288:vXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Up:fnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JZ

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

hoangduybmbm.zapto.org:4567

Mutex

DC_MUTEX-AHH4VSD

Attributes
  • gencode

    Hqj5MNYoQxF1

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 8d791801fa078e4e1e806d295da56aa4_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    0476e7cb10dfdf778f67f55072917b7d

    Headers

    Imports

    Sections