General

  • Target

    JaffaCakes118_303751bcf4517eeddf5920ff491d5cbd

  • Size

    655KB

  • MD5

    303751bcf4517eeddf5920ff491d5cbd

  • SHA1

    0d2e3554918907d6f90a722a6579e047e29545c4

  • SHA256

    79d109267b68ce87a577d79fc23b4c0a9491915ff2d1fd11dc270d608f679653

  • SHA512

    6ff1124acd386214249beab58142841fc405a6f64121f7e40938655af6563ba934cfc8da76bee2c94f47d87f77ff074566232e859a82570721eff115d239c3f8

  • SSDEEP

    12288:jpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIkn/r:lwAcu99lPzvxP+Bsz2XjWTRMQckkIknD

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

afkalkflcxvxcv.redirectme.net:1604

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    �G.e==B0l$Ko

  • install

    false

  • offline_keylogger

    false

  • persistence

    false

rc4.plain

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_303751bcf4517eeddf5920ff491d5cbd
    .exe windows:4 windows x86 arch:x86

    eedd309da92ed90ed28a0a0cfdbbb16c

