General

  • Target

    1257e0c11dce332d586023257184c566_JaffaCakes118

  • Size

    658KB

  • Sample

    240626-r3vv5asajp

  • MD5

    1257e0c11dce332d586023257184c566

  • SHA1

    f1ac906909e71e6e6cfc6828b45ebd9e20b75a46

  • SHA256

    a2641b5e8de8ea14229bd5785d0ddd48ded7715b5e9412a136bebab4d35eec27

  • SHA512

    d3cfb2096b575d06911982a4838ead2ce77d8e428a893ac2670d5b2cf092b75238a2559efccba6c259bddcd1a473262cf6008cd6b876b903e448a515c4843be2

  • SSDEEP

    12288:x9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKU:HAQ6Zx9cxTmOrucTIEFSpOGB

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
