Overview

overview

10

Static

static

OTAS BLESSINGS.exe

windows7_x64

10

OTAS BLESSINGS.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OTAS BLESSINGS.exe

  • Size

    888KB

  • Sample

    210616-rgxyxabgqe

  • MD5

    de275f412b283d66a92238762177ced4

  • SHA1

    ea9cd7b6de9fe20fa401bad6343c4e1dc5889356

  • SHA256

    5b202ebd2a8a9679587c55d7e508d16373846e6491436744dbc403e05f5798a3

  • SHA512

    ace5e4d5aeb59ae379597bed586bb7f24e239842214424099d6ace224ddd94f110deb0c2b47ca0558496eda7523194bd9ccb4b34ecfad5697a503713866523f0

Score
10/10
darkcometrattrojanupx

Malware Config

Targets

    • Target

      OTAS BLESSINGS.exe

    • Size

      888KB

    • MD5

      de275f412b283d66a92238762177ced4

    • SHA1

      ea9cd7b6de9fe20fa401bad6343c4e1dc5889356

    • SHA256

      5b202ebd2a8a9679587c55d7e508d16373846e6491436744dbc403e05f5798a3

    • SHA512

      ace5e4d5aeb59ae379597bed586bb7f24e239842214424099d6ace224ddd94f110deb0c2b47ca0558496eda7523194bd9ccb4b34ecfad5697a503713866523f0

    Score
    10/10
    darkcometrattrojanupx

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops startup file

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks