darkcomet | a9a664f861c8760234dbd3438430c15d_JaffaCakes118 | Triage

Sharing

General

Target

a9a664f861c8760234dbd3438430c15d_JaffaCakes118
Size

900KB
MD5

a9a664f861c8760234dbd3438430c15d
SHA1

1b8abd32c9d2cbefa69ff495d9db18d941d579ff
SHA256

01bea97116f80c31705384db6c7e84ff216ef1dcf9daf8ae6ed3f2550b21b978
SHA512

511d478ddf174966f712d1582d5cf14be0dd5e9a21cfabef0f0e45a21e83878b53a3d5e102eb532ca6aae9b62fbd89ce41952f80f2ec0cf9d4f1ab655c1034eb
SSDEEP

12288:/4j9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:/UZ1xuVVjfFoynPaVBUR8f+kN10EB

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9a664f861c8760234dbd3438430c15d_JaffaCakes118

Files

a9a664f861c8760234dbd3438430c15d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 847KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ