Resubmissions
10-12-2024 23:00
241210-2y3qaatmcz 10General
-
Target
dedd075c79305e69cf9cec3c757ecd89_JaffaCakes118
-
Size
532KB
-
Sample
241210-2y3qaatmcz
-
MD5
dedd075c79305e69cf9cec3c757ecd89
-
SHA1
1e39c5446aa23168c8a549907a237c1cbf246f21
-
SHA256
bca9c9b7d76727bc66cdccd93d506b11f8784e1ffa38b1b124a4c25f75aa7b3d
-
SHA512
193dbb20c33eccaa76dcd8a501034c16e81a78e3fa260834085bf871e86fb79cbe68e756d1783ececef903f21bcc32d74d2889da3b4a3ff848e7a1f69b147c98
-
SSDEEP
12288:yboBeI1XTheTFJubyk2CK9oi/HwxH+iey27nCz:1kIthKrutMb/HtieB
Static task
static1
Behavioral task
behavioral1
Sample
dedd075c79305e69cf9cec3c757ecd89_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
dedd075c79305e69cf9cec3c757ecd89_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
dedd075c79305e69cf9cec3c757ecd89_JaffaCakes118
-
Size
532KB
-
MD5
dedd075c79305e69cf9cec3c757ecd89
-
SHA1
1e39c5446aa23168c8a549907a237c1cbf246f21
-
SHA256
bca9c9b7d76727bc66cdccd93d506b11f8784e1ffa38b1b124a4c25f75aa7b3d
-
SHA512
193dbb20c33eccaa76dcd8a501034c16e81a78e3fa260834085bf871e86fb79cbe68e756d1783ececef903f21bcc32d74d2889da3b4a3ff848e7a1f69b147c98
-
SSDEEP
12288:yboBeI1XTheTFJubyk2CK9oi/HwxH+iey27nCz:1kIthKrutMb/HtieB
-
Darkcomet family
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-