Overview

overview

10

Static

static

10

1b16b12d31...18.exe

windows7-x64

10

1b16b12d31...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b16b12d3173fc7d9e367af488934fb4_JaffaCakes118

  • Size

    658KB

  • Sample

    240506-gpjwlaec89

  • MD5

    1b16b12d3173fc7d9e367af488934fb4

  • SHA1

    fae4f74602773f66ae574e5adedb43fff66c28d6

  • SHA256

    f596cc3ee3d53376fc24f363d50c51210e381c8d60f02ebc08f56681afd72ea6

  • SHA512

    c5460ad9f848c5442aa5b36ef988c5c4d4d318cbe4dde3d34f4485060950a95f38233b5ceef7dffb62ba738ecd8c0a6ea51c99cfd699307d8b629717d0925c7f

  • SSDEEP

    12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h/:WZ1xuVVjfFoynPaVBUR8f+kN10EB5

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

95.215.254.97:1604

Mutex

DC_MUTEX-5F4P2ZS

Attributes
  • gencode

    CHwp4Gq604H6

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      1b16b12d3173fc7d9e367af488934fb4_JaffaCakes118

    • Size

      658KB

    • MD5

      1b16b12d3173fc7d9e367af488934fb4

    • SHA1

      fae4f74602773f66ae574e5adedb43fff66c28d6

    • SHA256

      f596cc3ee3d53376fc24f363d50c51210e381c8d60f02ebc08f56681afd72ea6

    • SHA512

      c5460ad9f848c5442aa5b36ef988c5c4d4d318cbe4dde3d34f4485060950a95f38233b5ceef7dffb62ba738ecd8c0a6ea51c99cfd699307d8b629717d0925c7f

    • SSDEEP

      12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h/:WZ1xuVVjfFoynPaVBUR8f+kN10EB5

    Score
    10/10
    darkcometguest16rattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks