General

  • Target

    0fef7e057837928d3a7652f26f9a44cc_JaffaCakes118

  • Size

    788KB

  • Sample

    240625-3jj53azhmg

  • MD5

    0fef7e057837928d3a7652f26f9a44cc

  • SHA1

    e6b1ac0e1acc7f1434577c56baf11f925d0bfd7b

  • SHA256

    d812dd2ced120c192b19452e121f91f6e16b8fa90b153f2e0fecdd7f57243246

  • SHA512

    f84164a28a84290dace8049ee2309fd49ea262412ea78954f3f682aceb232c42866b00b6d7189372e0a5068d7f4e10a35057ae74fa017ce5708dba183155a5f8

  • SSDEEP

    12288:lljKo0CNrX1YN7xHjrczKifqIHhDZqSs0wiaFvq1KqnHwC/VFzuBlh2JvrI1Ng:lJnPTy1xHnCQWVq9x1iQ+OBTwI0

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
