General

  • Target

    JaffaCakes118_2ba680c520ca8588fb75db254cc0d470

  • Size

    690KB

  • MD5

    2ba680c520ca8588fb75db254cc0d470

  • SHA1

    15ac9301840cd06aa0f33257126eecf23f6c1471

  • SHA256

    43ec58e9b111f2361351bb49da4ca369eda71594d491e0299665f871e79e71bd

  • SHA512

    7b1f79749cc4ec22f119eacb197842ff596071698cb18aadee8f131ca33888665298c8080b236fc472c567507c614322270906f6a01ae4b788249df6874ae16a

  • SSDEEP

    12288:N9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hnE:nZ1xuVVjfFoynPaVBUR8f+kN10EBG

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

craxxhack.zapto.org:81

craxxhack.zapto.org:82

craxxhack.zapto.org:83

Mutex

DC_MUTEX-38HGCW5

Attributes
  • InstallPath

    IBo0S\euYdH.exe

  • gencode

    7j55icHSclql

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    Ux2rc

rc4.plain

Signatures

  • Darkcomet family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_2ba680c520ca8588fb75db254cc0d470
    .exe windows:4 windows x86 arch:x86

    e5b4359a3773764a372173074ae9b6bd

