General

  • Target

    JaffaCakes118_2c3b871b2617a5951e67a409222b1c10

  • Size

    658KB

  • MD5

    2c3b871b2617a5951e67a409222b1c10

  • SHA1

    aa494a462b621e5e529437dea985f2d35453ba8b

  • SHA256

    9727f13c802b0b30b6f182683a9f2b62ca99680ed787ae2bd2bbad49a54f5ca0

  • SHA512

    835b6a3580b05ceac4999072dbee30820ffafb97672087fdd2ee012d42c40872c75d2893e2994d8a1df699db4960ab0b05412fed55562f76eab7b7282fd68b32

  • SSDEEP

    12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hr:GZ1xuVVjfFoynPaVBUR8f+kN10EBx

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

utrilla.no-ip.biz:100

Mutex

DC_MUTEX-46L219L

Attributes
  • gencode

    BN5KGPimWRsM

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

rc4.plain

Signatures

  • Darkcomet family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_2c3b871b2617a5951e67a409222b1c10
    .exe windows:4 windows x86 arch:x86

    e5b4359a3773764a372173074ae9b6bd

