General
-
Target
114aa56733914456c83bc16d88886dcc_JaffaCakes118
-
Size
708KB
-
Sample
240626-jy959axbmr
-
MD5
114aa56733914456c83bc16d88886dcc
-
SHA1
d7d8c642c9c7b1be95071031271c9e21ebf786ba
-
SHA256
7956de14ab897ef378e76a54bf0a7312b3f8b6bc0872a6c690054d7ae82ec915
-
SHA512
ba814cc37f0c9730ec617682371b847b7c362eceb42605b9522bbe98e147cd9fd609526c2c84b6a6e5225e10aca33ce7e2a0f88e59921bec35119dd4532dcdb1
-
SSDEEP
12288:lw9w/MKRMx74JB0wpTqzUAhsrylGE9Wy7+uPhrvzRoCtINiNOq:lwcMKRqa0wpT2UAGGL9LPhvMoA
Static task
static1
Behavioral task
behavioral1
Sample
114aa56733914456c83bc16d88886dcc_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Extracted
darkcomet
Guest16
192.168.1.100:1604
dummydolly.zapto.org:1604
DC_MUTEX-F54S21D
-
gencode
JWQUSQmi0Yb4
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
114aa56733914456c83bc16d88886dcc_JaffaCakes118
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-