Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

303c53ba94...18.exe

windows7-x64

10

303c53ba94...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    303c53ba943a5dd63862c63fc486275f_JaffaCakes118

  • Size

    811KB

  • Sample

    240709-nv1vmatgph

  • MD5

    303c53ba943a5dd63862c63fc486275f

  • SHA1

    7f43b48a5da3d486bd2d3f0ac98d72c17e4383e5

  • SHA256

    93ce8882c399953b4f335d27f205a0974d738281f3e2321f94cc56004d99993c

  • SHA512

    3907813045b15785d160cb7bffdd16a99b636d3d4b58f356a69c409ca12e0187e6670c80c7344db9da440890d8b0c8a092775837e6534f088380305045586dc4

  • SSDEEP

    12288:LCCMiL/Ff0KY5nFGoPSaq15JgL41E2810334XpBTIAQO4tYqNU7jatO9yo87Iwnc:LCVW8znQoPSbGLWipiAQxYBC7IwnPy8

Score
10/10
darkcometpersistencerattrojan

Malware Config

Targets

    • Target

      303c53ba943a5dd63862c63fc486275f_JaffaCakes118

    • Size

      811KB

    • MD5

      303c53ba943a5dd63862c63fc486275f

    • SHA1

      7f43b48a5da3d486bd2d3f0ac98d72c17e4383e5

    • SHA256

      93ce8882c399953b4f335d27f205a0974d738281f3e2321f94cc56004d99993c

    • SHA512

      3907813045b15785d160cb7bffdd16a99b636d3d4b58f356a69c409ca12e0187e6670c80c7344db9da440890d8b0c8a092775837e6534f088380305045586dc4

    • SSDEEP

      12288:LCCMiL/Ff0KY5nFGoPSaq15JgL41E2810334XpBTIAQO4tYqNU7jatO9yo87Iwnc:LCVW8znQoPSbGLWipiAQxYBC7IwnPy8

    Score
    10/10
    darkcometpersistencerattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Modifies WinLogon for persistence

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks