General
-
Target
7cb4c9283ec17c9714abdb1ca430c9e7_JaffaCakes118
-
Size
718KB
-
Sample
241029-zta4csymb1
-
MD5
7cb4c9283ec17c9714abdb1ca430c9e7
-
SHA1
f7cd34a7f420d29139b963991bc834d6c384a3f5
-
SHA256
bcb4e32c5443bafb2b7e04c63b479d58c315f7e10f1ffe0301fb217f74e82056
-
SHA512
13dc4dab6ba76b88780bb1b57fc8c0cd7474da9c7d13ccf19cc80f99398e64fbc768ff83b489be8d1b70c2a98c20ef6d1db38f37723dd798b0eda2584c4f43e9
-
SSDEEP
12288:BbaPcNy7BkYFlq+DPlq8NLbZdHy8pFJkDsBNljU2goaILPpwmZPGmPJ8SgU:pu7Bzyp83g8pFusBNl42goRSuPGqJF
Static task
static1
Behavioral task
behavioral1
Sample
7cb4c9283ec17c9714abdb1ca430c9e7_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
darkcomet
Guest1
bardock.no-ip.org:1604
DC_MUTEX-4ALRNJD
-
gencode
pS49GsXU4wf8
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
7cb4c9283ec17c9714abdb1ca430c9e7_JaffaCakes118
-
Darkcomet family
-
Suspicious use of SetThreadContext
-