General
-
Target
1afee45b1af1049ebd98e883ebb891f7_JaffaCakes118
-
Size
726KB
-
Sample
240701-mtrd5azgkr
-
MD5
1afee45b1af1049ebd98e883ebb891f7
-
SHA1
b20d0417b3d9e37d37119e2fe6a25f9d5321622b
-
SHA256
c40927f26f16d7573800843bd1970c9d8f257e57dcd4e34eccda4dadd539fee0
-
SHA512
6a06b29cb5a5f15dd3283167e5b7274e461aede85bb3b6066470a9fd61d6a0e41200ac1c1ae402f0ee954ee62841e452b32e7b8c1f73eab5b38b9eddc987c329
-
SSDEEP
12288:/8QzMxO8IAtfzUeSCpe6KBYLDMPe170B8aOkkluU8v6DYURhMmY3eVv1YQgEX0PH:/8vxciQALDMPL8WhU8vcJceVv1a1MQ1r
Static task
static1
Behavioral task
behavioral1
Sample
1afee45b1af1049ebd98e883ebb891f7_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
darkcomet
CHIMIE
makesure.zapto.org:1000
makesure.zapto.org:1604
DC_MUTEX-756RWYZ
-
gencode
9V01bHaCRv71
-
install
false
-
offline_keylogger
true
-
password
123456
-
persistence
false
Targets
-
-
Target
1afee45b1af1049ebd98e883ebb891f7_JaffaCakes118
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-