Overview

overview

10

Static

static

7

0009c46fb7...18.exe

windows7-x64

10

0009c46fb7...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0009c46fb7484364a5f01f4993f1282f_JaffaCakes118

  • Size

    1019KB

  • Sample

    240621-2qznnaxemm

  • MD5

    0009c46fb7484364a5f01f4993f1282f

  • SHA1

    b3f434fc23319c4918f5fd3e052884ac453426ce

  • SHA256

    c4db1750e4acdfc8afc361d33e50c8dbde507e26c88c4a482ce0de092f661da0

  • SHA512

    75343fba5f4311ff34b8b21f4dbefa54a9b8dd0a2a11a37483644276577df6b0a124e4a65426e9fea35b1740abc5865873d3b996f2f7f265aa45732edbdb78a4

  • SSDEEP

    12288:FBMmKGnhDT+JlCWUvQV/jum1VeTcb6TltYAxAVwXGs5RJV/q+wqBxWlN8d+6fpgN:bMmnDC+WUvWjzKfYAbGot2eWl4cKh4

Score
10/10
darkcometrattrojanupx

Malware Config

Targets

    • Target

      0009c46fb7484364a5f01f4993f1282f_JaffaCakes118

    • Size

      1019KB

    • MD5

      0009c46fb7484364a5f01f4993f1282f

    • SHA1

      b3f434fc23319c4918f5fd3e052884ac453426ce

    • SHA256

      c4db1750e4acdfc8afc361d33e50c8dbde507e26c88c4a482ce0de092f661da0

    • SHA512

      75343fba5f4311ff34b8b21f4dbefa54a9b8dd0a2a11a37483644276577df6b0a124e4a65426e9fea35b1740abc5865873d3b996f2f7f265aa45732edbdb78a4

    • SSDEEP

      12288:FBMmKGnhDT+JlCWUvQV/jum1VeTcb6TltYAxAVwXGs5RJV/q+wqBxWlN8d+6fpgN:bMmnDC+WUvWjzKfYAbGot2eWl4cKh4

    Score
    10/10
    darkcometrattrojanupx

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks