General
Target: 951c990305d9ed864d0300f70583c1ea_JaffaCakes118
Size: 810KB
Sample: 240814-h2jl2azajd
MD5: 951c990305d9ed864d0300f70583c1ea
SHA1: 9699dad9e330c1f12391835b4e37d8855fc0c91a
SHA256: 8f8150b7be05579734286698c9a71170c8b6817b7edefed48d3f1926227f2d67
SHA512: 64ab3b6065b213c50af63623bd22845b1a6b6c1a07c0535ea38c3a491f9d7a7262c70b2ce04bfde0ca6114eef2f6baacbd2d98bd3b023840be51b9c92ef1c094
SSDEEP: 24576:rAV9G0m+80d1g4qqxq86dEa9YQHnQ5bAzouw4PE3fHeE3fH:/zweK5AuB
Static task: static1
Behavioral task: behavioral1
Sample: 951c990305d9ed864d0300f70583c1ea_JaffaCakes118.exe
Resource: win7-20240704-en
Malware Config
Extracted
darkcomet
Guest16
seewaffle.no-ip.biz:1604
DC_MUTEX-DUZKPX6
gencode: bs6yfcL2fpvU
install: false
offline_keylogger: true
persistence: false
Targets
Target: 951c990305d9ed864d0300f70583c1ea_JaffaCakes118
Uses the VBS compiler for execution
Adds Run key to start application
Suspicious use of SetThreadContext