Extracted

• • Target

    1b13fd5d2438595750bd28c0512a5efc_JaffaCakes118

  • Size

    660KB

  • MD5

    1b13fd5d2438595750bd28c0512a5efc

  • SHA1

    12fa776a5a2c2f6b6abbb23512c32f5f89e09e6d

  • SHA256

    8f5bfa1785455e30f95dc1aab6855220db3077a497448cedc15b435274efe238

  • SHA512

    7013c113fe427a3c35cfe8fc29850cef0569a5e2319d13ec6df4679528fa88cf3b18e8f577405b2ae0543f3b0acab0ffbbc823370ce0fbd6e0511bf43bd62f2e

  • SSDEEP

    12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Un:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JX

  Score

  10^/10

  darkcometguest16evasionrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Sets file to hidden

    Modifies file attributes to stop it showing in Explorer etc.

    evasion

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2