General

  • Target

    e13b4122e9fe0b01964fc5c281faca9c_JaffaCakes118

  • Size

    760KB

  • MD5

    e13b4122e9fe0b01964fc5c281faca9c

  • SHA1

    c7f59eb73110a5fb23d30184f58d56e550f4a01a

  • SHA256

    a9b06c582a33077f022a158526d7b740b45634df15e049d85c484283585be2f7

  • SHA512

    4708bc369a4f4d4ce8f61ca23fe82aebd6c6bd9a62a7f22747556c87b1cda3c8bf60e437181ac2bbdb3b1c5eccef95395ab0397ab4c5ce2545f5592104232e8b

  • SSDEEP

    12288:B3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/Rmr:dOA4aWNn/m09fKIaaBEtWq3A1Ov8JgbY

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

darkcomat.no-ip.biz:64444

Mutex

DC_MUTEX-C273N2N

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    eV70zLgXTwTa

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    MicroUpdate

Signatures

  • Darkcomet family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e13b4122e9fe0b01964fc5c281faca9c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    ebfc01781fe5d13ae5cf3546d3da52da


    Headers

    Imports

    Sections