General
-
Target
a2b370874ae9da7947949d24b59027ae_JaffaCakes118
-
Size
742KB
-
MD5
a2b370874ae9da7947949d24b59027ae
-
SHA1
709a651423d477ec7608d5a06df6b882834186df
-
SHA256
d7ffdd70bde09a51344e1d6bfc1ee2b1e63364a853900b052f4834e5575542b0
-
SHA512
8a2a2b8e528daac428985add14761fd7c9ab0d8f64f2d6fae8ab9a80c14b03cce8b9e19d0c314dce7fe0f412bfdbb223a557dec4c58da191f54170aa0bcfa8c9
-
SSDEEP
12288:h3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE262c/:9OA4aWNn/m09fKIaaBEtWq3A1Ov8JgbP
Score
10/10
Malware Config
Extracted
Family
darkcomet
Botnet
bye
C2
wwww.www.no-ip.biz:1604
Mutex
DC_MUTEX-S0D5QAT
Attributes
-
gencode
bSRrZ9sX8HyY
-
install
false
-
offline_keylogger
true
-
persistence
false
Signatures
-
Darkcomet family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a2b370874ae9da7947949d24b59027ae_JaffaCakes118
Headers
Sections