General
-
Target
923961d4ea28fb0c030698bef31c698a_JaffaCakes118
-
Size
671KB
-
Sample
240813-jwhyzsxann
-
MD5
923961d4ea28fb0c030698bef31c698a
-
SHA1
658f52218b17840372f414147fc41b9401016937
-
SHA256
5023af4b5a13c1032520bfcddad7afc344fbcd99c8368fcfa021cd82fbeae258
-
SHA512
7b797c6023b34015c207d0603cd0bf4dd6966b8ae0dee42ec8b93a8dae2967dc379921730460316381fddabbdfaee435e7a77a9f1bbe66b47035420f0690c566
-
SSDEEP
12288:mLwZ+DPllJVFVMedf6FhnNJpX8oxfyy4bBap6vBkvmCKhp6VM6aK61p/Z82q:mUZAtf6ZX1xfQ4p4kvmp7K61pBq
Static task
static1
Behavioral task
behavioral1
Sample
923961d4ea28fb0c030698bef31c698a_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
darkcomet
Guest16
109.58.74.208:80
DC_MUTEX-SRVLLNR
-
gencode
s46AfkVFZAfJ
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Target
923961d4ea28fb0c030698bef31c698a_JaffaCakes118
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-