General

  • Target

    JaffaCakes118_24135c15c8859f8fc57cb8ce472932d4

  • Size

    658KB

  • MD5

    24135c15c8859f8fc57cb8ce472932d4

  • SHA1

    9b2254c38a7306f5c8195223ea970a8198a0bb48

  • SHA256

    444e7e899dcdf819467de8bcd7e6ff9b783dd21d4d2295f2556af82d02c425dc

  • SHA512

    8e7c11ac5e80cc550a2690170311b95c3997f6546ac2af40e94f3fe6e6c0bcb009470b3a023f56508d7d8395b479544ce68589fb77fba324e8cf663489bb7d0a

  • SSDEEP

    12288:B9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKq:3AQ6Zx9cxTmOrucTIEFSpOGT

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    jSU5o.=p�%Gb

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

rc4.plain

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_24135c15c8859f8fc57cb8ce472932d4
    .exe windows:4 windows x86 arch:x86

    953362745986d4bf8459e5dd8885442f

