General
-
Target
e27079805806b6b5781cc5c5871baac5_JaffaCakes118
-
Size
356KB
-
Sample
241211-vmyhvswnel
-
MD5
e27079805806b6b5781cc5c5871baac5
-
SHA1
944d6c06b3b90ffbc673dec864383213192e75ff
-
SHA256
df2f1b608519349912a341a7736c4d2cf57841a96561ee9ac6d822e654b24ef8
-
SHA512
9de3a66e89828277b1c530b7eaf2f86f88a6ff8435f91837411563e015dc850f6ce4cb935232e687a2f5d81728081b938158aaf4c2e82cd8f8de40da25f5fb9e
-
SSDEEP
6144:cVT0ojk1/FLzRjI9pCoHiK+zYC0EiQ86JsAbvzsJV/FT41MggwU7wE:o0ojy/BRSpM2zb6qjVhxx9
Static task
static1
Behavioral task
behavioral1
Sample
e27079805806b6b5781cc5c5871baac5_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
darkcomet
MINICRAFT
95.25.114.135:1604
DC_MUTEX-BYZQF92
-
gencode
yGHj6XNKu577
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
e27079805806b6b5781cc5c5871baac5_JaffaCakes118
-
Darkcomet family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-