General
-
Target
d3dc03e5df892db9f1f11ec17681a073_JaffaCakes118
-
Size
712KB
-
Sample
241207-1433kasjen
-
MD5
d3dc03e5df892db9f1f11ec17681a073
-
SHA1
8524547ec483c9310d9cf45d283d54e7e0c9c3a8
-
SHA256
83172090765f0a1407136a42ec4c9b9c4b2c47a17ce4b4a5a26a2cf4d50175c8
-
SHA512
510ddd82192cf3407e140e4438d33fd02a28524d1a4d233c3093f0c684082ded13c78e772b02edcc349f79a9f6bf1190ba9e754c63451ebd574bc6be17b01278
-
SSDEEP
12288:6DZ+NiPdgvUu349qVQ26Tj3RlBecWy+AnO6ExZWM+ZEyleDYud+lTc+:6tnuVvKj37ktAO6AIh2ylOec+
Static task
static1
Behavioral task
behavioral1
Sample
d3dc03e5df892db9f1f11ec17681a073_JaffaCakes118.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
d3dc03e5df892db9f1f11ec17681a073_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
darkcomet
Guest16_min
127.0.0.1:1604
DCMIN_MUTEX-B497C1N
-
gencode
n3sLh5r610NL
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
d3dc03e5df892db9f1f11ec17681a073_JaffaCakes118
-
Size
712KB
-
MD5
d3dc03e5df892db9f1f11ec17681a073
-
SHA1
8524547ec483c9310d9cf45d283d54e7e0c9c3a8
-
SHA256
83172090765f0a1407136a42ec4c9b9c4b2c47a17ce4b4a5a26a2cf4d50175c8
-
SHA512
510ddd82192cf3407e140e4438d33fd02a28524d1a4d233c3093f0c684082ded13c78e772b02edcc349f79a9f6bf1190ba9e754c63451ebd574bc6be17b01278
-
SSDEEP
12288:6DZ+NiPdgvUu349qVQ26Tj3RlBecWy+AnO6ExZWM+ZEyleDYud+lTc+:6tnuVvKj37ktAO6AIh2ylOec+
Score10/10-
Darkcomet family
-
Suspicious use of SetThreadContext
-