General
-
Target
f8c595b0ee2de1b5bcfe30ba5f78e25d_JaffaCakes118
-
Size
875KB
-
Sample
240418-z6mmxsfb77
-
MD5
f8c595b0ee2de1b5bcfe30ba5f78e25d
-
SHA1
77a0fdfe5c252cce12e66706514d0d56bb14b86f
-
SHA256
9ba41cd0356b6dcd14220e3d8cf7dc3ede3affb42aec2e8713cfbc850e540ace
-
SHA512
0087c96eb714dfb205833bfd51f86da329c9f3ad9d3d8a763042e60d3faecf01a95f4ce5eb1e696ec5473ef8b033b7868b70f73fcfdbdd1ed9beba7c70f6619c
-
SSDEEP
12288:r9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnK2P0JfLY1S8xul:5AQ6Zx9cxTmOrucTIEFSpOGn0J8k8x
Malware Config
Targets
-
-
Target
f8c595b0ee2de1b5bcfe30ba5f78e25d_JaffaCakes118
-
Size
875KB
-
MD5
f8c595b0ee2de1b5bcfe30ba5f78e25d
-
SHA1
77a0fdfe5c252cce12e66706514d0d56bb14b86f
-
SHA256
9ba41cd0356b6dcd14220e3d8cf7dc3ede3affb42aec2e8713cfbc850e540ace
-
SHA512
0087c96eb714dfb205833bfd51f86da329c9f3ad9d3d8a763042e60d3faecf01a95f4ce5eb1e696ec5473ef8b033b7868b70f73fcfdbdd1ed9beba7c70f6619c
-
SSDEEP
12288:r9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnK2P0JfLY1S8xul:5AQ6Zx9cxTmOrucTIEFSpOGn0J8k8x
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-