General

  • Target

    2e95bf05f7fd58c4ee8fe83fe631ba1b_JaffaCakes118

  • Size

    788KB

  • Sample

    240709-b8zhhazeqj

  • MD5

    2e95bf05f7fd58c4ee8fe83fe631ba1b

  • SHA1

    4f766abe9bcb483ce229401bf6b8e925ba085e17

  • SHA256

    6793a8a4ebd343da236ea21f8566dc91d0342dc62724f05cd7d164a24741fd02

  • SHA512

    ee6e84cd529b067962913dc99921688a82291ce0284782fbb62da6d2abfafc789b99db5c184b579e15d9ebc9cdb0808656969b7f4a09036710f9ec544bf53c8d

  • SSDEEP

    24576:SvBja3mrD38rA3Spe1ioWiXxoNDyOusLLVSgD2pRzN38Ks9SCgcEI8a:SvBja3mrD38rA3S6iozo0GL/Ktp5DDIl

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
