General
Target: 7c5c65a28d728fd575a690ec1d5562c8_JaffaCakes118
Size: 2.2MB
Sample: 241029-wrz3xsxhjq
MD5: 7c5c65a28d728fd575a690ec1d5562c8
SHA1: c1cbb67faa54e3e0b5175ffcdf72de3e2dcd22ab
SHA256: ab9247c783f39a82aea86f750d0069fcf2e43b037348d02b7a03aa9d21b9c0da
SHA512: f1659fb2d7bf07b5291cd55d1278286156fb217780afd2849ec1d859ee688754d086a2643c0e56ac5a390af49f808a376280648ecf36c17fa27de4da3d7bef9c
SSDEEP: 49152:oQovA8XCSco/O0KTAaSHPkiCQuVHsyk1ZKMDUMOn:JovA8XCBTK8iC5VHsgMDUMOn
Static task: static1
Behavioral task: behavioral1
Sample: 7c5c65a28d728fd575a690ec1d5562c8_JaffaCakes118.exe
Resource: win7-20240708-en
Malware Config
Targets
Darkcomet family
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger