Overview

overview

10

Static

static

10

ae5bf0530d...18.exe

windows7-x64

10

ae5bf0530d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ae5bf0530df005274fda8b5ce90e33e1_JaffaCakes118

  • Size

    757KB

  • Sample

    240615-pbxjjazejb

  • MD5

    ae5bf0530df005274fda8b5ce90e33e1

  • SHA1

    bd58ce63f8145f2878e269aa14da338d061abfc0

  • SHA256

    50285be54bf49d72caa5b885023143eee486455d6847cb8b5f3c8935d3bd243e

  • SHA512

    a9537abecaa25e83a4b42ce627d3bb8b21428f38733e07b9e7fb395efbd83c72c24e0ce6780ec477e503d27b1015d90d5b4101e51476b5880f7b1fefbcc9e404

  • SSDEEP

    12288:CXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Ud:snAw2WWeFcfbP9VPSPMTSPL/rWvzq4JN

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    fj4HW8wbUNS8

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      ae5bf0530df005274fda8b5ce90e33e1_JaffaCakes118

    • Size

      757KB

    • MD5

      ae5bf0530df005274fda8b5ce90e33e1

    • SHA1

      bd58ce63f8145f2878e269aa14da338d061abfc0

    • SHA256

      50285be54bf49d72caa5b885023143eee486455d6847cb8b5f3c8935d3bd243e

    • SHA512

      a9537abecaa25e83a4b42ce627d3bb8b21428f38733e07b9e7fb395efbd83c72c24e0ce6780ec477e503d27b1015d90d5b4101e51476b5880f7b1fefbcc9e404

    • SSDEEP

      12288:CXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Ud:snAw2WWeFcfbP9VPSPMTSPL/rWvzq4JN

    Score
    10/10
    darkcometguest16rattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks