General

Target: JaffaCakes118_4e78e7193d7ce8b9ac79f01d0e1787f0
Size: 601KB
Sample: 250304-t4f5gavvgt
MD5: 4e78e7193d7ce8b9ac79f01d0e1787f0
SHA1: 92185f6b6294817844995ab766c886c1152a2848
SHA256: 1a290bfad5150aaad093fb4b1d3812470bb5f416f8701fa8019af87516b0573f
SHA512: 277caa36ddcb06dc2fdced32aaa11c18d9ca99cd0ea9d41379fda81bef21f8b454a0860ea6e84869b62454cdf21cd13ad651c916790dc022e7b7945ce575ea3b
SSDEEP: 12288:8VpkxMdC61S6tCaLFmN5xAzsjWqJLCWJyxzkAmRnI/fiP0DNCH6FFxMW1x2VpR:8VpkocLCvkApy8BCH6Hxu
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_4e78e7193d7ce8b9ac79f01d0e1787f0.exe
Resource: win7-20240903-en
Malware Config

Extracted: darkcomet
ID: Guest16
C2: 127.0.0.1:1604
Mutex: DC_MUTEX-F54S21D
gencode:
install: false
offline_keylogger: false
persistence: false

Note: 127.0.0.1 is the loopback address, 1604 is DarkComet's default port and Guest16 is the builder's default ID, so this is a default/test build with no reachable C2 and no network IOC to block; the mutex name is the usable host-based indicator. With install and persistence both false the implant does not survive a reboot.
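Added example, not code from the report, from Triage or from DarkComet: a small Python helper that parses the Malware Config block above in the order the report lists it and flags what an analyst should check before turning it into IOCs. Assumptions: the four unlabeled lines are family, campaign ID, C2 host:port and mutex in that order; the default port 1604 and default ID Guest16 are DarkComet builder defaults; the function names, finding codes and the mutex pattern are this example's own.

```python
"""Added example: parse the DarkComet config block from a Triage-style report and
flag what an analyst should check before turning it into IOCs.  Not code from
the report or from DarkComet; field names and finding codes are assumptions."""
import ipaddress
import re

# Constructed copy of the page's "Malware Config" block, in the order the
# report lists it (the first four lines carry no labels in the report).
CONFIG_LINES = [
    "darkcomet",
    "Guest16",
    "127.0.0.1:1604",
    "DC_MUTEX-F54S21D",
    "gencode",                 # shown with no value in the report
    "install false",
    "offline_keylogger false",
    "persistence false",
]

DARKCOMET_DEFAULT_PORT = 1604        # DarkComet builder default listening port
DARKCOMET_DEFAULT_ID = "Guest16"     # DarkComet builder default campaign ID
# Assumed mutex shape: DC_MUTEX- followed by seven alphanumerics, as on this page.
MUTEX_RE = re.compile(r"^DC_MUTEX-[A-Z0-9]{7}$")


def parse_darkcomet_config(lines):
    """Map the positional block to a dict (assumed order: family, campaign ID,
    C2 host:port, mutex, then "key" or "key value" lines).  Booleans are
    normalised; a key with no value (gencode) is stored as an empty string."""
    it = iter(lines)
    cfg = {
        "family": next(it),
        "campaign_id": next(it),
        "c2": next(it),
        "mutex": next(it),
    }
    for line in it:
        key, _, value = line.partition(" ")
        if value in ("true", "false"):
            value = value == "true"
        cfg[key] = value
    return cfg


def assess(cfg):
    """Return finding codes an analyst would act on for a parsed config."""
    findings = []
    host, _, port = cfg["c2"].rpartition(":")
    port = int(port) if port else None
    try:
        addr = ipaddress.ip_address(host)
        if addr.is_loopback:
            findings.append("c2_loopback")      # no reachable C2: no network IOC
        elif addr.is_private:
            findings.append("c2_private")       # lab/internal address, not routable
    except ValueError:
        findings.append("c2_hostname")          # domain-based C2: resolve before blocking
    if port == DARKCOMET_DEFAULT_PORT:
        findings.append("default_port")
    if cfg["campaign_id"] == DARKCOMET_DEFAULT_ID:
        findings.append("default_campaign_id")  # operator never changed builder defaults
    if MUTEX_RE.match(cfg["mutex"]):
        findings.append("mutex_is_host_ioc")    # hunt for the mutex on endpoints
    if not cfg.get("install") and not cfg.get("persistence"):
        findings.append("no_persistence")       # gone after reboot / process exit
    return findings


if __name__ == "__main__":
    parsed = parse_darkcomet_config(CONFIG_LINES)
    for key, value in parsed.items():
        print(f"{key:18} {value!r}")
    print("findings:", ", ".join(assess(parsed)))
```

Run against this report the helper reports a loopback C2, default port, default campaign ID, a hunt-able mutex and no persistence; the same `assess` logic also handles a hostname C2 or an RFC 1918 address, which is where the network IOC decision differs.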
Targets

Target: JaffaCakes118_4e78e7193d7ce8b9ac79f01d0e1787f0
Size: 601KB
(MD5, SHA1, SHA256, SHA512 and SSDEEP are identical to those listed under General above.)
-
Darkcomet family
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-