General

  • Target

    11c7b1fbdc4098b9b9dcaedff6081323_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240626-m5l9jsvarj

  • MD5

    11c7b1fbdc4098b9b9dcaedff6081323

  • SHA1

    301bf26c5936db4f64cbe08022f6d871656ef9ba

  • SHA256

    fb92fafce2da7cf9d3f4c9397f61bbbb8ba274a455b169900ea0f9448004c1bf

  • SHA512

    38275d619aa9dcbaed2ad28e33850d4b67ac017f248b8fb8e018688ab0ffbf0caefe61d84314bcdbee6c048e65dd1ce6c3e5c28b66dadbdea86d031092f15349

  • SSDEEP

    12288:T5d1mG0tDIHXcRJmtXDMq+v8NJDChEJ/Gb+Ctn/AkfFdQzFTVPc7kFBlL5A9J1QP:zck4b4+HXVjPR

Score
10/10

Malware Config

Targets

    • Target

      11c7b1fbdc4098b9b9dcaedff6081323_JaffaCakes118

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks