General
-
Target
1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118
-
Size
700KB
-
Sample
240701-nhn1asyeng
-
MD5
1b1bc2f82ddd0936ad7ddb1541a9b172
-
SHA1
c0b501b70b6eea5916e44add1557a7dee1afe37e
-
SHA256
e7caf73f83e5ddb0fe30fed28db6857c316b5a175d42f3ddb8a1501d09642c22
-
SHA512
02d2211a674b34d81d5b3421207acfbb99d50e715511898bf7b0cc6e3d59951fcc93f69f1e7e638914806db58b26fadfcf5ff7dfa43ffea67ee89906e38c0af3
-
SSDEEP
12288:N/PnpWutXeeGFC4Jz221Bo2sth2X38n1yrgwjW:N/Pns0XeQ2sPtysnGge
Static task
static1
Behavioral task
behavioral1
Sample
1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118.exe
Resource
win7-20240419-en
Malware Config
Extracted
darkcomet
nnns.zapto.org:1604
DC_MUTEX-F54S21D
-
gencode
pZ2PbkJ4J7qu
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
1b1bc2f82ddd0936ad7ddb1541a9b172_JaffaCakes118
-
Drops file in Drivers directory
-
Suspicious use of SetThreadContext
-