darkcomet | 0d1a16f7360275ea0df412555d8df41c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d1a16f7360275ea0df412555d8df41c_JaffaCakes118
Size

1.5MB
MD5

0d1a16f7360275ea0df412555d8df41c
SHA1

0f35f4e9c1c3fea57560131d0cae0d6898ab78db
SHA256

9b5c188cf6c5ac53f106d91d47a6363964be7824df1ea737814267c1ce6c4a8f
SHA512

39366843c466d2288623f5c3de955b96fa7b6a7d007dbcf1b1184855fc371393b86d8c63c67ea7bc070ef2dad138057245120fd949cac6e24ebe6ee884a8159d
SSDEEP

24576:Jx03nIlcXgYZhukuphb03nZupkDyPtj73nbWmJVJFwSddIXvfhqbiaxvRxq96S:Jx0ycXgYWFX0c9tHamdZdcBYTS

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d1a16f7360275ea0df412555d8df41c_JaffaCakes118

Files

0d1a16f7360275ea0df412555d8df41c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Giovani\Desktop\Exploit Binder\Exploit\Exploit\Exploit\obj\Debug\Exploit.pdb

Imports

mscoree

_CorExeMain

Sections

.ADIF
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ