General
Target: b330626c52373d4726bbfb9f0eef7003_JaffaCakes118
Size: 2.1MB
Sample: 241129-x45dvasldy
MD5: b330626c52373d4726bbfb9f0eef7003
SHA1: c554d2e07e0e562b0b421a2ba9b4b1086f64ecd1
SHA256: ad022b9a38c9fb19a5918068a4366a038deb3dfe7340dbdf3c150810ba6dc07a
SHA512: 384a74aa103a65f28cd0d9dc02bdc6e094008b52b5354b5b8aae717b0b70da9691fab28aed6f911d94ef2a46b9f9128e70db7be22939114d397709b2a9f50bde
SSDEEP: 24576:tuFVVIU3TYwkZgsFoEXaCsZhZnH7ZwArBN6H9DZHrli9nOVb:HH9Rg9nOV
Static task: static1
Behavioral task: behavioral1
  Sample: b330626c52373d4726bbfb9f0eef7003_JaffaCakes118.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: b330626c52373d4726bbfb9f0eef7003_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: b330626c52373d4726bbfb9f0eef7003_JaffaCakes118
Score: 10/10
- Darkcomet family
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Uses the VBS compiler for execution
- Adds Run key to start application
- Suspicious use of SetThreadContext