General

  • Target

    3c9575a8332c38ff0d303ada4f927f02cb18769a490e0f51506d85c8269967f5

  • Size

    666KB

  • Sample

    221004-g841wafhaj

  • MD5

    16d3550265a5e950616cc39e228101de

  • SHA1

    bee802d6339f028cf3bba8cc493dc1e92227ed65

  • SHA256

    3c9575a8332c38ff0d303ada4f927f02cb18769a490e0f51506d85c8269967f5

  • SHA512

    685c5ebe3cf6529cf887da53e5b9ae2a9f27db68bfb67a5acd5bf7d17267e8051d0e28451d79dcdcb1516feec53c2211f860418006c1ff4f8d4acd52146b1e70

  • SSDEEP

    12288:4pwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG91uhKIXn/il:iwAcu99lPzvxP+Bsz2XjWTRMQckkIXn

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
