Overview

overview

10

Static

static

NEFT Payme...pt.exe

windows7_x64

10

NEFT Payme...pt.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEFT Payment Reciept.exe

  • Size

    888KB

  • Sample

    210621-fg5dtc1mx6

  • MD5

    dbced1fec389e90c07221f2fd2c19c13

  • SHA1

    1de2c803f3083941e39e0e5b7e6fe5cafa2c075b

  • SHA256

    d58997e7440fa5314b8a3d2dface651186199e382c3b84afb67649c4baaa7b6f

  • SHA512

    1f98b3027a7d2baf5225b7cd08aab33b5137eb54725aa15dd475b5c48be4ecfa2f3e459cb6b5431e53cc5a571d92a70b9b6471af30ece1bcbe0905f69d896cdf

Score
10/10
darkcometrattrojanupx

Malware Config

Targets

    • Target

      NEFT Payment Reciept.exe

    • Size

      888KB

    • MD5

      dbced1fec389e90c07221f2fd2c19c13

    • SHA1

      1de2c803f3083941e39e0e5b7e6fe5cafa2c075b

    • SHA256

      d58997e7440fa5314b8a3d2dface651186199e382c3b84afb67649c4baaa7b6f

    • SHA512

      1f98b3027a7d2baf5225b7cd08aab33b5137eb54725aa15dd475b5c48be4ecfa2f3e459cb6b5431e53cc5a571d92a70b9b6471af30ece1bcbe0905f69d896cdf

    Score
    10/10
    darkcometrattrojanupx

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops startup file

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks