General
-
Target
34274950e6e5d20b24064ffb9ccfc59a_JaffaCakes118
-
Size
920KB
-
Sample
240710-lftfwssanh
-
MD5
34274950e6e5d20b24064ffb9ccfc59a
-
SHA1
887726ca388377edaa74401e2230afa9b09dab25
-
SHA256
c992578c229cfad0134ab84b067aded11903d87c7d6711306bcb6194f8844f52
-
SHA512
3d0d6db1987eda42ab88f4ca15ef8a34519d8e437f6bccf96ab21400b24c7f6c3efd91ef2ac074e77eb83d7767159ddad93713ad574a0b7ca38ae2d92f50adec
-
SSDEEP
24576:LwAcu99lPzvxP+Bsz2XjWTRMQckkIZJv0QZh9u:UAcIzpP+hickkIQ
Malware Config
Targets
-
-
Target
34274950e6e5d20b24064ffb9ccfc59a_JaffaCakes118
-
Size
920KB
-
MD5
34274950e6e5d20b24064ffb9ccfc59a
-
SHA1
887726ca388377edaa74401e2230afa9b09dab25
-
SHA256
c992578c229cfad0134ab84b067aded11903d87c7d6711306bcb6194f8844f52
-
SHA512
3d0d6db1987eda42ab88f4ca15ef8a34519d8e437f6bccf96ab21400b24c7f6c3efd91ef2ac074e77eb83d7767159ddad93713ad574a0b7ca38ae2d92f50adec
-
SSDEEP
24576:LwAcu99lPzvxP+Bsz2XjWTRMQckkIZJv0QZh9u:UAcIzpP+hickkIQ
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-