General
Target: JaffaCakes118_5487e1ba2bfb752435898357e8540772
Size: 612KB
Sample: 250306-cnkdhsvxdv
MD5: 5487e1ba2bfb752435898357e8540772
SHA1: 763429db5179d155356cd69ff0ed73246ee75486
SHA256: ca8b291207507cc94d56f4a8c73fac112e19f62839c29a39ca66c1d896349368
SHA512: 0773771580c592318793aa10d9469536e07f6a995dfc86c0091d37d6c39f960b0620db64afa37e5760facd3b968705cdd56231e713c0f86a12ab44fb0656377f
SSDEEP: 12288:eb1UB5CIw/9tf/yY0dclKCDiN/zU0u7Fw4MFgySRWVu:012Tw/vyRdSDiN/zUBw4MFgySUc
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_5487e1ba2bfb752435898357e8540772.exe
Resource: win7-20240903-en
Malware Config

Extracted
darkcomet
gencode:
install: false
offline_keylogger: false
persistence: false

Extracted
darkcomet
Guest16
gribyassine.zapto.org:91
DC_MUTEX-F54S21D
InstallPath: MSDCSC\msdcsc.exe
gencode: Wrl$+vxjGy3u
install: true
offline_keylogger: true
persistence: true
reg_key: MicroUpdate
Targets
Target: JaffaCakes118_5487e1ba2bfb752435898357e8540772
Darkcomet family
Suspicious use of SetThreadContext