General

  • Target

    7719d0e8367fa5d34ea87c95a6e35176_JaffaCakes118

  • Size

    1.3MB

  • MD5

    7719d0e8367fa5d34ea87c95a6e35176

  • SHA1

    f50ac4008a870554cd036486aacef41dcd00bda9

  • SHA256

    ce1c536950fd9e6b41e6b13db2c1ecb1b67e78097202257a960ac42b184ed2f7

  • SHA512

    a5bf46d98e024fb11ff92ac534cb96a0df81888d41afa16aff339563f20ee1fe9892791ae2c6f71e47aef2fe0d81ba41405a648163927ec7795025c456cfecf7

  • SSDEEP

    24576:MZ1xuVVjfFoynPaVBUR8f+kN10EBZjZ1xuVVjfFoynPaVBUR8f+kN10EB:8QDgok30EQDgok30

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

hardywwe.sytes.net:1177

Mutex

DC_MUTEX-D2N7A52

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    hoCJyYF6vH0V

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    MicroUpdate

Signatures

  • Darkcomet family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 7719d0e8367fa5d34ea87c95a6e35176_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e5b4359a3773764a372173074ae9b6bd

