General
Target: d1a81adcb2b654ac92172655905d21f3_JaffaCakes118
Size: 1.4MB
Sample: 241207-k3t59svrhw
MD5: d1a81adcb2b654ac92172655905d21f3
SHA1: 76c49ad0511f2b0d2dedac0bbb37c6965f9bb419
SHA256: ba9ef84922ff0787de3e1c0cd23aedc711ba98694a92552941508372edadecac
SHA512: 3cfb2409e94398b01db9dc462f0000143473e84ff67a60ec59b03b785f86e491308d22625cee36c9cd82f909e725793f70c6323f3d0b86898e4438938bec096d
SSDEEP: 24576:saHMv6CorjqnyC8xlDG75HN8+zCD2i/x0HJ9tgPTtbN:s1vqjdC8PDeHN8+k2iKpmR
Static task: static1
Behavioral task: behavioral1
Sample: d1a81adcb2b654ac92172655905d21f3_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Darkcomet family
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext