General

  • Target

    a684586b46c62bb2940a8a6f756d4224

  • Size

    821KB

  • Sample

    240226-q877zafh4w

  • MD5

    a684586b46c62bb2940a8a6f756d4224

  • SHA1

    9995c276fe04ce778af9d0445f958baa2168a21c

  • SHA256

    3a91fcec0032ad3ef870d50b494272d220ea13861f873dd5b348b859f5e825c6

  • SHA512

    13e70f8f474a3ec73b8813b13d565a384d43c930fc0263bba4167a7cf72fffc36a1bfc3de03cf2e0e1420a253e9b76e12a13ab4484ece026836160453989952e

  • SSDEEP

    12288:CUAveojxhN5YSl10R/IqSBk58uKTGPMiLeFv6uqos2MlXMHWPR1KfoRcnF4Wx9qW:LbSIR/998ZGPMXy5R8vuWxtX

Score
10/10

Targets

    • Target

      a684586b46c62bb2940a8a6f756d4224

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
