Overview

overview

10

Static

static

3

220a38f1da...18.exe

windows7-x64

10

220a38f1da...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    220a38f1dae9b159bb01d96e7739ab77_JaffaCakes118

  • Size

    514KB

  • Sample

    240703-mlb98syand

  • MD5

    220a38f1dae9b159bb01d96e7739ab77

  • SHA1

    02892d973c4770a2bccdc296953e7ea3451b4d04

  • SHA256

    2da538e9377c6bf29f14b1443fd40a40504b56296432fc1557c56dffef6bd4d1

  • SHA512

    9c1e3f7627397b70c893620fc9e2292b1b3076f7da9e97937c240418c4f2c19887cef0eb2a2d2f97bc340cfc346cc20ae54f8605b994d89a8751e07a331bd852

  • SSDEEP

    12288:eYETj9kua9Zd/OiOZuXEkEW4Qkg6krhKFH/u:yhdCVyZuUkEWNfKN/

Score
10/10
darkcometrattrojan

Malware Config

Targets

    • Target

      220a38f1dae9b159bb01d96e7739ab77_JaffaCakes118

    • Size

      514KB

    • MD5

      220a38f1dae9b159bb01d96e7739ab77

    • SHA1

      02892d973c4770a2bccdc296953e7ea3451b4d04

    • SHA256

      2da538e9377c6bf29f14b1443fd40a40504b56296432fc1557c56dffef6bd4d1

    • SHA512

      9c1e3f7627397b70c893620fc9e2292b1b3076f7da9e97937c240418c4f2c19887cef0eb2a2d2f97bc340cfc346cc20ae54f8605b994d89a8751e07a331bd852

    • SSDEEP

      12288:eYETj9kua9Zd/OiOZuXEkEW4Qkg6krhKFH/u:yhdCVyZuUkEWNfKN/

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Drops file in Drivers directory

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks