General

  • Target

    488c1c79c6300c17462f9f40bd2b9937_JaffaCakes118

  • Size

    756KB

  • Sample

    240515-3fpw5she8y

  • MD5

    488c1c79c6300c17462f9f40bd2b9937

  • SHA1

    d8e8c406516d3df3b5eb8583cc808fcfb729731f

  • SHA256

    22f99193dcb430b6ffeeb276ba68f109a3518dc7b0ddb97757f30b7536888022

  • SHA512

    8721eec6e92a46e9e0fa2b817b20812aff3a386767ed2732d31691ec01a69c5ce7caf2676c5544f3b945fd37e82a522fb6bd016ce42c53181eaa848c8d1f6ac5

  • SSDEEP

    12288:D9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h8svvE:NZ1xuVVjfFoynPaVBUR8f+kN10EBBvvE

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-BXV0MBU

Attributes
  • gencode

    3ftlAx6rYAwF

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      488c1c79c6300c17462f9f40bd2b9937_JaffaCakes118

    • Size

      756KB

    • MD5

      488c1c79c6300c17462f9f40bd2b9937

    • SHA1

      d8e8c406516d3df3b5eb8583cc808fcfb729731f

    • SHA256

      22f99193dcb430b6ffeeb276ba68f109a3518dc7b0ddb97757f30b7536888022

    • SHA512

      8721eec6e92a46e9e0fa2b817b20812aff3a386767ed2732d31691ec01a69c5ce7caf2676c5544f3b945fd37e82a522fb6bd016ce42c53181eaa848c8d1f6ac5

    • SSDEEP

      12288:D9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h8svvE:NZ1xuVVjfFoynPaVBUR8f+kN10EBBvvE

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix ATT&CK v13

Tasks