General
-
Target
JaffaCakes118_55af2c8c43ce9ce9149f1b253f9189da
-
Size
801KB
-
Sample
250306-klbbtsvkx4
-
MD5
55af2c8c43ce9ce9149f1b253f9189da
-
SHA1
21199b62099bea421b1808e59d8002b205e01185
-
SHA256
5120f5b13e79e136a4220f7b0dff6dd291a2c82a82d94a24b95cb2e7658859f3
-
SHA512
cd0f7854c1edf97b2ee218e8caeefb6e8e68354706d3b6710ea853a150f9e66d88a81bc28892e935d5ddacd8e4611d607b5dbed5d122a460f25bd9c5ff0438c8
-
SSDEEP
12288:xJADyBxMh1c2xeeooLI8ypsmLMFWATGaZkmhS3ef/H:xeAxMzVNI8/GAqSVCenH
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_55af2c8c43ce9ce9149f1b253f9189da.exe
Resource
win7-20240903-en
Malware Config
Extracted
darkcomet
Guest16
5.1.11.233:1604
DC_MUTEX-F54S21D
-
gencode
i7CEtWv=03m=
-
install
false
-
offline_keylogger
false
-
persistence
false
Targets
-
-
Target
JaffaCakes118_55af2c8c43ce9ce9149f1b253f9189da
-
Darkcomet family
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-