General
Target: f290bcd0a10a945a27348528ae1e28b8_JaffaCakes118
Size: 3.5MB
Sample: 241215-gf3mcavrh1
MD5: f290bcd0a10a945a27348528ae1e28b8
SHA1: f431bc91f1026e3a644756f08f20769a6be52c4a
SHA256: 91e123c82523c2fc331266650bb55ecadad77be08673da19f24eed10236652d1
SHA512: 42de9a08423f02c94217097ee7912817ccb86614a708cb7b9936f6586240d63824c898847292312a64993b834d13e193666765f57ae218a0de1032b323dfe85e
SSDEEP: 98304:u5x9gcLho+OZPR/bERxZET+0O4eMLc9mDSR9ZBD0iDb+eV:u5Mcl+TYr2The4jU9j4iDb+e
Static task: static1
Behavioral task: behavioral1
Sample: f290bcd0a10a945a27348528ae1e28b8_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f290bcd0a10a945a27348528ae1e28b8_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: f290bcd0a10a945a27348528ae1e28b8_JaffaCakes118
Score: 10/10
Darkcomet family
Executes dropped EXE
Loads dropped DLL
Uses the VBS compiler for execution
Adds Run key to start application
Suspicious use of SetThreadContext