General
-
Target
0fc01dda9ca1fca3e8a8316617e825c9_JaffaCakes118
-
Size
961KB
-
Sample
240625-2b1meaxdlg
-
MD5
0fc01dda9ca1fca3e8a8316617e825c9
-
SHA1
c59e099a59976111753a90e79fa42d9677692f83
-
SHA256
921a5999641713980a5b1d8b0ff845686c05cf656275388a4c7b92bc17a3169b
-
SHA512
4d28e2ee8ea384e536ad4f6652a5f6f1db5769cf8e93d82ef88ed681afd994ea272a5bc053dbf963a36ffeff6d9a2a7d9a15b2758c0cd892e6d2eb29b5a68764
-
SSDEEP
24576:v4HjMghBf97bDHzfdEpGNqCL9OcsSyvDfx:v4YkFbTzVEpGN34csnDZ
Static task
static1
Behavioral task
behavioral1
Sample
0fc01dda9ca1fca3e8a8316617e825c9_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
darkcomet
Guest16
pseudonymous44.no-ip.org:1604
DC_MUTEX-ECC8KAC
-
gencode
0bjfcDMc6a11
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
0fc01dda9ca1fca3e8a8316617e825c9_JaffaCakes118
-
Size
961KB
-
MD5
0fc01dda9ca1fca3e8a8316617e825c9
-
SHA1
c59e099a59976111753a90e79fa42d9677692f83
-
SHA256
921a5999641713980a5b1d8b0ff845686c05cf656275388a4c7b92bc17a3169b
-
SHA512
4d28e2ee8ea384e536ad4f6652a5f6f1db5769cf8e93d82ef88ed681afd994ea272a5bc053dbf963a36ffeff6d9a2a7d9a15b2758c0cd892e6d2eb29b5a68764
-
SSDEEP
24576:v4HjMghBf97bDHzfdEpGNqCL9OcsSyvDfx:v4YkFbTzVEpGN34csnDZ
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-