General
Target: 1a711246b276ce21ea055b041b4a777e_JaffaCakes118
Size: 522KB
Sample: 240628-rlt79swhrq
MD5: 1a711246b276ce21ea055b041b4a777e
SHA1: 408b34c29da8cdb6cbf04d64b096c64e3c864b43
SHA256: 7a2b40243923cd5f7976e346b65a265bd2eac7c209ed722488fb63a1c882b06c
SHA512: ae4875168a26eda43afdd65aebe7e22bd51492e2d2c088e0174ec72d9d6b0ae36a14d40ea0675da84538c26bdd16f100ff0999476b48ea6faa84080761477bd4
SSDEEP: 12288:UmBvjkh9HLCmWltxoJngJn5Ivg49A6eM6MT9c769k:nvgnGmm95IICtX6MJK6W
Static task
static1
Behavioral task
behavioral1
Sample
1a711246b276ce21ea055b041b4a777e_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
darkcomet
TARGETS
darkjordan.zapto.org:99
DC_MUTEX-6FPXA9V
InstallPath: MSDCSC\msdcsc.exe
gencode: Z1MR6HYJYTTL
install: true
offline_keylogger: true
password: 1983
persistence: false
reg_key: MicroUpdate
Targets
-
-
Target
1a711246b276ce21ea055b041b4a777e_JaffaCakes118
Suspicious use of SetThreadContext
-