General

  • Target

    2e08760d785ca73395fdb40af2a11df6_JaffaCakes118

  • Size

    3.3MB

  • Sample

    240708-2axt5avapf

  • MD5

    2e08760d785ca73395fdb40af2a11df6

  • SHA1

    79f554c1f6124675ba3fde9959d43d01e67775ca

  • SHA256

    09c95ba487f26ff77390e9b3c677833ccd73b378d7f0e05e7bd15d568f3cf64b

  • SHA512

    6845569a8203db430c184ef13daf7055cc97cb0abcdf443dbe45903b23bedccfc01a8602193a19acb9e978ef24f0b1146f5ec1f0dbe826fbe8ecd9568c4d62cb

  • SSDEEP

    49152:5ls8QyAsFPgMmS4/8GbgApQg7XsWBFCxWpPamyu:5ls8KIgW4vTTZ9V/

Score
10/10

Malware Config

Extracted

Family

darkcomet

Attributes
  • gencode

  • install

    false

  • offline_keylogger

    false

  • persistence

    false

Targets

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Suspicious use of SetThreadContext
