General
-
Target
cdcf0ba6fbd462694af1a138b199af92_JaffaCakes118
-
Size
700KB
-
Sample
241206-s7452a1jap
-
MD5
cdcf0ba6fbd462694af1a138b199af92
-
SHA1
82b7e3a61883a0b43ea7a5fa69717cd895cf0c8d
-
SHA256
219973fe92369d337e411f0aeba3c55293331e682d7fda1e1fa187145e73c29e
-
SHA512
7b41364227fda6de4388b9ee7f644b4f5d8520222f35571a44b7e72d1049119f87575694b8662437e603bfd8eda50008bdfe3ae05a9a95c263c8e29def5a48e2
-
SSDEEP
12288:0YBEmz5X5/6QFYbpGdGfzfSR8FKNQ5mJUOfVm+b2FsTZ:0YBEiX+7rfSRcIQ5mhk+bwst
Static task
static1
Behavioral task
behavioral1
Sample
cdcf0ba6fbd462694af1a138b199af92_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:81
DC_MUTEX-N6XE286
-
gencode
jvqHz797QMwi
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
cdcf0ba6fbd462694af1a138b199af92_JaffaCakes118
-
Darkcomet family
-
Suspicious use of SetThreadContext
-