General
-
Target
3e3e8902dc05885076e70519b7b6c97e_JaffaCakes118
-
Size
838KB
-
Sample
241013-gzqf5axarr
-
MD5
3e3e8902dc05885076e70519b7b6c97e
-
SHA1
55b7c4d8507acdf710028714286a1982736db734
-
SHA256
11847ac1d4d0cf10ffc6fe3dc801d9b4fa484f889ddce36c822774b733c110c3
-
SHA512
8722ccc52bef4d83641e081ba2d795fd83442d076b9ec02557978809dbf886cd9e6a801b845ca8cb0e5a911a3a2ad12d30d903a305022793dece345cc38d9a41
-
SSDEEP
24576:0skrgaFHiPrrrg3mdkrNlfXxE9nQwjOFT:0skrgDjrrgoANlFLB
Static task
static1
Behavioral task
behavioral1
Sample
3e3e8902dc05885076e70519b7b6c97e_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
darkcomet
Guest16
stickyzero2six.ddns.net:1604
DC_MUTEX-6036EEL
-
gencode
E6tUGzVFexSi
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
3e3e8902dc05885076e70519b7b6c97e_JaffaCakes118
-
Size
838KB
-
MD5
3e3e8902dc05885076e70519b7b6c97e
-
SHA1
55b7c4d8507acdf710028714286a1982736db734
-
SHA256
11847ac1d4d0cf10ffc6fe3dc801d9b4fa484f889ddce36c822774b733c110c3
-
SHA512
8722ccc52bef4d83641e081ba2d795fd83442d076b9ec02557978809dbf886cd9e6a801b845ca8cb0e5a911a3a2ad12d30d903a305022793dece345cc38d9a41
-
SSDEEP
24576:0skrgaFHiPrrrg3mdkrNlfXxE9nQwjOFT:0skrgDjrrgoANlFLB
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-