General

  • Target

    ee16119ee4c7349e936af19841d5ec48_JaffaCakes118

  • Size

    660KB

  • MD5

    ee16119ee4c7349e936af19841d5ec48

  • SHA1

    77b918ffeb4211a3b59376b6c95fece8bf6345e2

  • SHA256

    e28bc84a02e8151e658d4a288cc7a68a352020601750eb048ad0bb491db26b04

  • SHA512

    ef7d5b56fe6ec187560783e66192fbcfe3f266cb15f15cc26f7de79d16d40f2bb997b469d611b77c22b683e2b7c0dd72520a9627d24a9def0269611e88eb1af2

  • SSDEEP

    12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Uy:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Ji

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

kazanthehacker.no-ip.biz:81

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    Gi68cl6ooDlu

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ee16119ee4c7349e936af19841d5ec48_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    0476e7cb10dfdf778f67f55072917b7d

