General

  • Target

    JaffaCakes118_0cc4530fbe82361b94bfb760d5d8f1e0

  • Size

    658KB

  • Sample

    250220-tfcgdaxqcy

  • MD5

    0cc4530fbe82361b94bfb760d5d8f1e0

  • SHA1

    4233f92424cdacd9d834d1ff3132780b1f59284b

  • SHA256

    a7ea320f7713123df6380335d151d50f7b343d559b82977a708c555856b16ab7

  • SHA512

    d2bd9f0d35c2575ce6286eb7550dfeededec99632e8991fcc9354235d6b2b53b84e9a850344701ce53e389fc707885d4b9d85a552f688be3a7a06e07bb4a4ab0

  • SSDEEP

    12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFi:SiBIGkbxqEcjsWiDxguehC2Sd

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

rattedmyfriend.no-ip.biz:8003

Mutex

DC_MUTEX-JS6ZU7Z

Attributes
  • gencode

    CP4ccgzrLr6A

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

rc4.plain
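The extracted fields above (botnet ID, C2, mutex, gencode, install/persistence/offline-keylogger flags) come from the RC4-encrypted configuration that DarkComet 5.x builds into the stub's DCDATA resource as a hex string. The report leaves rc4.plain blank, so the key used for this sample is not shown. The following is an added example, not code from the report or from the sandbox vendor: it tries the builder's known default keys (an operator-set password is appended to the default, so a non-empty password defeats this), parses the decrypted key=value block, and maps the raw DarkComet field names to the attribute names the report uses. The DCDATA blob it works on is constructed here by encrypting a plaintext config that mirrors the report's values; it is not the real blob from the sample, and the DarkComet field names and their mapping to the report's attributes are stated from public analyses, not from this page.

```python
"""DarkComet DCDATA config decryption and parsing (added example, not from the report).

Assumptions (public knowledge about DarkComet, not confirmed by this page):
  * config lives in a resource "DCDATA" as an uppercase hex string
  * it is RC4-encrypted with a version default key, plus the operator password if set
  * fields are NAME={value} lines between "#BEGIN DARKCOMET DATA --" and "#EOF DARKCOMET DATA --"
"""
import binascii

# Builder default RC4 keys by version (v4.x, v5.0, v5.1). The report does not show which applies.
KNOWN_KEYS = [b"#KCMDDC4#-890", b"#KCMDDC5#-890", b"#KCMDDC51#-890"]
CONFIG_HEADER = "#BEGIN DARKCOMET DATA --"


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA); symmetric, so it both encrypts and decrypts."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(b ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def try_decrypt(hex_blob: str, password: bytes = b""):
    """Try each default key (with optional operator password appended); return (key, plaintext)."""
    raw = binascii.unhexlify(hex_blob)
    for base in KNOWN_KEYS:
        key = base + password
        text = rc4(key, raw).decode("latin-1")
        if text.startswith(CONFIG_HEADER):
            return key, text
    return None, None


def parse_config(text: str) -> dict:
    """Turn NAME={value} lines into a dict; marker lines starting with '#' are skipped."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        cfg[name] = value.strip("{}")
    return cfg


def summarize(cfg: dict) -> dict:
    """Map raw DarkComet fields to the attribute names used in the report (mapping is an assumption)."""
    c2 = []
    for entry in cfg.get("NETDATA", "").split("|"):   # NETDATA may list several host:port pairs
        if entry:
            host, _, port = entry.rpartition(":")
            c2.append((host, int(port)))
    return {
        "botnet": cfg.get("SID"),
        "c2": c2,
        "mutex": cfg.get("MUTEX"),
        "gencode": cfg.get("GENCODE"),
        "install": cfg.get("INSTALL") == "1",
        "persistence": cfg.get("PERSINST") == "1",
        "offline_keylogger": cfg.get("OFFLINEK") == "1",
    }


# Constructed sample config mirroring the report's extracted values (not the real blob).
SAMPLE_CONFIG = "\r\n".join([
    "#BEGIN DARKCOMET DATA --",
    "MUTEX={DC_MUTEX-JS6ZU7Z}",
    "SID={Guest16}",
    "FWB={0}",
    "NETDATA={rattedmyfriend.no-ip.biz:8003}",
    "GENCODE={CP4ccgzrLr6A}",
    "INSTALL={0}",
    "PERSINST={0}",
    "OFFLINEK={1}",
    "#EOF DARKCOMET DATA --",
])
# Encrypt it the way the builder would, so there is a DCDATA-style hex blob to work on.
SAMPLE_DCDATA_HEX = binascii.hexlify(
    rc4(b"#KCMDDC51#-890", SAMPLE_CONFIG.encode("latin-1"))).decode().upper()


def extract(hex_blob: str = SAMPLE_DCDATA_HEX, password: bytes = b"") -> dict:
    """Full pipeline: key recovery, decryption, parsing, and mapping to report attributes."""
    key, text = try_decrypt(hex_blob, password)
    if text is None:
        raise ValueError("no default DarkComet key decrypts this blob; operator password is probably set")
    result = summarize(parse_config(text))
    result["rc4_key"] = key.decode()   # what the report would show under rc4.plain
    return result


if __name__ == "__main__":
    for k, v in extract().items():
        print(f"{k}: {v}")
```

On a real sample, read the DCDATA resource out of the PE (for example with pefile) and pass its string to extract(); if every default key fails, the operator set a password and you need to recover it from the stub or brute-force it, which is what the blank rc4.plain in this report would also hint at.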

Targets

    • Target

      JaffaCakes118_0cc4530fbe82361b94bfb760d5d8f1e0

    • Size

      658KB

    • MD5

      0cc4530fbe82361b94bfb760d5d8f1e0

    • SHA1

      4233f92424cdacd9d834d1ff3132780b1f59284b

    • SHA256

      a7ea320f7713123df6380335d151d50f7b343d559b82977a708c555856b16ab7

    • SHA512

      d2bd9f0d35c2575ce6286eb7550dfeededec99632e8991fcc9354235d6b2b53b84e9a850344701ce53e389fc707885d4b9d85a552f688be3a7a06e07bb4a4ab0

    • SSDEEP

      12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFi:SiBIGkbxqEcjsWiDxguehC2Sd

MITRE ATT&CK Enterprise v15

Tasks