General
-
Target
1d754fc5eeefb1ecfcbee71119f6e8ae_JaffaCakes118
-
Size
912KB
-
Sample
240702-z172nstepq
-
MD5
1d754fc5eeefb1ecfcbee71119f6e8ae
-
SHA1
09fd950750257d02876ed88796e6e522b712d495
-
SHA256
cfa494e50bdf6c585b8759d785e734c73e364930502401ef4394884f28528901
-
SHA512
6cd3a66a550eb7889a9339cb319b671f829adf916cf4ea27148e928cbab5a0c19f94aa3f1586e1f77b48a909a92503619c4f569f68df72a7f2e2c1aac830fe5f
-
SSDEEP
24576:gknEfPa5dIkVvMihjgdZ+AZI+7xyUiAMgKExU:gIQudpVvTdgb+OkifK
Static task
static1
Behavioral task
behavioral1
Sample
1d754fc5eeefb1ecfcbee71119f6e8ae_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
1d754fc5eeefb1ecfcbee71119f6e8ae_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
darkcomet
Guest16_min
danchronic.no-ip.biz:1604
DCMIN_MUTEX-B4VGL58
-
gencode
njsT99UQDotX
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
1d754fc5eeefb1ecfcbee71119f6e8ae_JaffaCakes118
-
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-