General
-
Target
92c2cdc4c51b7dd0aff671bce756da82_JaffaCakes118
-
Size
1.2MB
-
Sample
240813-mzjw8szajd
-
MD5
92c2cdc4c51b7dd0aff671bce756da82
-
SHA1
c114dc4ff949815321d6f7e9128ab6166ef6f8c0
-
SHA256
c8de43e26f714e30f65860b7b2ccc29b59a807a1d170d94456a3fe70d7117ddc
-
SHA512
8f47a8df5e7fcd8aa3dfaef31a72bb93aa1c3b295e17430f43462e8f8466ea6fa811504713da21c83d3474694fe91d83956f9ca744f21aef46df4bbc3c082320
-
SSDEEP
24576:UglzELk2U1zQ1bjM59MjDLsSIQgmrGtq/vZLqcj7mKsD0QZh9u:UIH28z0j0MLs/QrT3
Behavioral task
behavioral1
Sample
92c2cdc4c51b7dd0aff671bce756da82_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Extracted
darkcomet
Guest16
zakariaelagha.no-ip.biz:1604
DC_MUTEX-F54S21D
-
gencode
epMu79A5QmxD
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
92c2cdc4c51b7dd0aff671bce756da82_JaffaCakes118
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-