General

  • Target

    b84fe4fe1b454f9121d9a7393466019a_JaffaCakes118

  • Size

    660KB

  • MD5

    b84fe4fe1b454f9121d9a7393466019a

  • SHA1

    2c61e67a5ef71430c87368e56fd5acdd62d9d403

  • SHA256

    d6d28cdbcec01ce468471cda9da849918b43ef93563fc9d713ea3b8e27fe2c28

  • SHA512

    c15b095c8e31af3af497730c79ac56549cee1be21dc9237d8170af7e49c1775fe2a043be1835e1c93274713775132c2a878cca53df823717ada86702afcaac65

  • SSDEEP

    12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UI:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JY

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

braveheart.no-ip.biz:1604

Mutex

DC_MUTEX-PRPT89Q

Attributes
  • gencode

    ZQMwpH0e6WPP

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b84fe4fe1b454f9121d9a7393466019a_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    0476e7cb10dfdf778f67f55072917b7d

