General

  • Target

    10936a0e59098c95daab5556e96cb254_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240626-d15qnavfmm

  • MD5

    10936a0e59098c95daab5556e96cb254

  • SHA1

    69ee1e265a36a792a668752e168f714ce3f8f79c

  • SHA256

    be67665760a132a3ef5b38b60e6726d8fa5cbab2844263090829d0bfc705600b

  • SHA512

    3acf5a84df08b981c8abdf9b5abbdfcefaab049d1afb1e89daba2b17d0c39b05e9638068d15fe4a0392a6f223df84ecc96a022dc3f7b425b08185d54d05f35f2

  • SSDEEP

    24576:YuIUNRb0LwHRQ5p8f5Lizx5cDMpUzNBDKnbnZ7zNaEf95PxtGTi227uABdh:YM2V5p8Gxd50Efn2Ti2273Bf

Score
10/10

Malware Config

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks