General
-
Target
1593241035013c441a7a4b0facf68d11_JaffaCakes118
-
Size
1.4MB
-
Sample
240627-lzj2kavfqd
-
MD5
1593241035013c441a7a4b0facf68d11
-
SHA1
ebb2690cc893204a574ca94945d76359f88edd8b
-
SHA256
c71228dd40c9cca4cf7dbd4d36bd92b3857ce006fbdadba7607457d8d04678e5
-
SHA512
318945ed544a202c4ec8d09bce921ef3c9c9336dee16f633106cbebca7fa53b09dc390fafe024d214f4392eb46a6c08b6d5467876ad31693b110eda20fa2c5fd
-
SSDEEP
24576:knAw2WWeFcfbP9VPSPMTSPL/rWvzq4JJfpkgX51oiyzZozG7XVNyVbZ:OELbVMTrOq4GgX51py17XnyxZ
Behavioral task
behavioral1
Sample
1593241035013c441a7a4b0facf68d11_JaffaCakes118.exe
Resource
win7-20240419-en
Malware Config
Extracted
darkcomet
Guest16
dr-hacker.no-ip.org:81
DC_MUTEX-F54S21D
-
gencode
4mFiu4NvJRJC
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-