General

  • Target

    27d92473a76f00195c0d56ddc584dc07_JaffaCakes118

  • Size

    292KB

  • Sample

    240706-j2pnqasajj

  • MD5

    27d92473a76f00195c0d56ddc584dc07

  • SHA1

    f5a28d373882086a7712a4a6997b8054957953d1

  • SHA256

    812c5285b64f10051abffbecf9a57ad44b07eabd5611f38a796ee81fd43cf81d

  • SHA512

    e560b26ac65a9c46d70bca3febdc905bfe672c7482f6e710e88004aa4214eece98252d9e0d24ab80a2a3d299d09bf4b9bf07ef0262e73aa68b82090b9da528c8

  • SSDEEP

    6144:Pa0tKsnXahLw93Ghnn0Ob/aS/OyJtgfdaGxAqDUwX0uw:PaPsKa1In0ObtOZ1XAqDn+

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-72LX1GU

Attributes
  • gencode

    Ed7CHY7ltn4p

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      27d92473a76f00195c0d56ddc584dc07_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix ATT&CK v13
