General

  • Target

    6e177f685216ddbba45252a203f73d49

  • Size

    658KB

  • Sample

    240121-29nqhacah6

  • MD5

    6e177f685216ddbba45252a203f73d49

  • SHA1

    45d02ccb8aab5ad980f6ec6752eafbcdf480ffc1

  • SHA256

    844c4e50c0235f31fda4df5a0d4ba22f62d2b5c5910a86719a9aa95bdbc36233

  • SHA512

    59f4a67e0c8981da062a0cdecc217efc29be98a03857a94ecfb91d54b3f4308ef8b05b4ef80a8d3336b909673eebf611a59045daef0b9226f50cf27ea2228f65

  • SSDEEP

    12288:x9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKVX:HAQ6Zx9cxTmOrucTIEFSpOGEX

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
