darkcomet | 362690035b4ac9cde99000bf6551690d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

362690035b4ac9cde99000bf6551690d_JaffaCakes118
Size

677KB
MD5

362690035b4ac9cde99000bf6551690d
SHA1

a6043fc96ad604bb4fb49813f1bb53aca21df86f
SHA256

5d59eb22fb403b92e8f490c75e49a507b0ee827d38dc80075ddfa79c7d664f80
SHA512

a01eec2b29acde2546f202323928b5c6e6328b244b5001fa0f546ac395d2c87d4cb7bc590e6ca8f3c5c135d4cb0487cd5f89d4c1b9f79ee8545e62fce1c2553a
SSDEEP

12288:G6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhqO:LAmBpVKHu0Mu9Xo20VGLVP5

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
362690035b4ac9cde99000bf6551690d_JaffaCakes118

Files

362690035b4ac9cde99000bf6551690d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9bd031cc9e24c1765514ace3deed380

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

32

wPos
wPlacement
indowLongW
dowLongA
er
ange
SetRect
t
oA
SetForegroundWindow
dow
ocus
ursorPos
SetCursor
oardData
apture
tActiveWindow
SendMessageW
ScrollWindow
ScreenToClient
RemoveMenu
leaseDC
eCapture
sterWindowMessageA
ipboardFormatA
ClassA
ndow
readMessageW
ssageA
Message
ssageA
ekMessageW
ageA
mToCharA
aitForMultipleObjectsEx
jectsEx
eBoxA
wPoints
irtualKeyA
LockWorkStation
LayoutA
A
LoadBitmapA
Timer
ed
icode
owEnabled
Window
RectEmpty
IsIconic
ogMessageW
alogMessageA
ClipboardFormatAvailable
matAvailable
InvalidateRect
tersectRect
MenuItemA
ateRect
GetWindowThreadProcessId
cessId
dowTextLengthA
GetWindowTextA
ect
GetWindowLongW
dowLongA
dowDC
ndow
cs
u
sh
lor
tPropA
arent
dow
s
tate
enuItemInfoA
D
mCount
fo
opup
ardState
ardLayoutNameA
ameA
ayoutList
dLayout
e
conInfo
indow
GetDesktopWindow
ow
tDC
rPos
tClipboardData
ta
NameA
GetClassLongA
GetClassInfoA
A
tActiveWindow
FrameRect
WindowExA
WindowA
ct
owsEx
s
ndows
splayDevicesA
A
dFormats
EnumChildWindows
ws
ableWindow
rollBar
DrawIconEx
Icon
ontrol
MessageW
spatchMessageA
indow
n
DeleteMenu
dowProcA
DIChildProcA
A
enu
nu
ClientToScreen
CallWindowProcA
A
okEx
arLowerBuffA
CharLowerA
UpperBuffA
ToOemA
stWindowRectEx
Ex
oardLayout
i32.dll
eObject
tchBlt
Ex

itmessage

ange
SetRect
t
oA
SetForegroundWindow
dow
ocus
ursorPos
SetCursor
oardData
apture
tActiveWindow
SendMessageW
ScrollWindow
ScreenToClient
RemoveMenu
leaseDC
eCapture
sterWindowMessageA
ipboardFormatA
ClassA
ndow
readMessageW
ssageA
Message
ssageA
ekMessageW
ageA
mToCharA
aitForMultipleObjectsEx
jectsEx
eBoxA
wPoints
irtualKeyA
LockWorkStation
LayoutA
A
LoadBitmapA
Timer
ed
icode
owEnabled
Window
RectEmpty
IsIconic
ogMessageW
alogMessageA
ClipboardFormatAvailable
matAvailable
InvalidateRect
tersectRect
MenuItemA
ateRect
GetWindowThreadProcessId
cessId
dowTextLengthA
GetWindowTextA
ect
GetWindowLongW
dowLongA
dowDC
ndow
cs
u
sh
lor
tPropA
arent
dow
s
tate
enuItemInfoA
D
mCount
fo
opup
ardState
ardLayoutNameA
ameA
ayoutList
dLayout
e
conInfo
indow
GetDesktopWindow
ow
tDC
rPos
tClipboardData
ta
NameA
GetClassLongA
GetClassInfoA
A
tActiveWindow
FrameRect
WindowExA
WindowA
ct
owsEx
s
ndows
splayDevicesA
A
dFormats
EnumChildWindows
ws
ableWindow
rollBar
DrawIconEx
Icon
ontrol
MessageW
spatchMessageA
indow
n
DeleteMenu
dowProcA
DIChildProcA
A
enu
nu
ClientToScreen
CallWindowProcA
A
okEx
arLowerBuffA
CharLowerA
UpperBuffA
ToOemA
stWindowRectEx
Ex
oardLayout
i32.dll
eObject
tchBlt
Ex

GetWindowOrgEx
GetWinMetaFileBits
FileBits
GetTextMetricsA
ricsA
tTextExtentPoint32A
Entries
ct
GetPixel
tries
nhMetaFilePaletteEntries
ntries
tEnhMetaFileHeader
Header
FileBits
tDeviceCaps
ColorTable
Ex
OrgEx
s
lipRect
teObject
teEnhMetaFile
DeleteDC
CreateSolidBrush
sh
irect
lette
nePalette
CreateFontIndirectA
CreateDIBSection
mpatibleDC
mpatibleBitmap
CreateBrushIndirect
ap
VerQueryValueA
ileVersionInfoSizeA
zeA
InfoA
ite
lock
ve
agLeave
t_DragEnter
rag
rag
ImageList_GetBkColor
or
geCount
roy
wininet.dll
ternetOpenUrlA
OpenA
ectA
or
geCount
roy
wininet.dll
ternetOpenUrlA
OpenA
ectA
Folder.dll
.dll
layMonitors
ntThreadId
InterlockedDecrement
ment
kedIncrement
ry
yte
r
A
xA
tProcAddress
eHandleA
uleFileNameA
tLocaleInfoA
tLastError
ommandLineA
brary
itProcess
areStringA
eFile
ledExceptionFilter
ointer
ndOfFile
ind
le
tdHandle
eSize
ype
FileA
eHandle
ll
e
e
andleA
ment
kedIncrement
ry
yte
r
A
xA
tProcAddress
eHandleA
uleFileNameA
tLocaleInfoA
tLastError
ommandLineA
brary
itProcess
areStringA
eFile
ledExceptionFilter
ointer
ndOfFile
ind
le
tdHandle
eSize
ype
FileA
eHandle
ll
e
e
andleA

rnel32

ReadProcessMemory
adFile
ekNamedPipe
enProcess
iByteToWideChar
r
leA
wOfFile
source
lFileTimeToFileTime
LocalAlloc
urce
aryA
ticalSection
CriticalSection
n
HeapAlloc
alUnlock
Status
alFree
obalFindAtomA
A
Atom
GlobalAddAtomA
DirectoryA
olumeInformationA
GetVersionExA
tUserDefaultLangID
tTickCount
ocale
athA
temPowerStatus
temDirectoryA
GetStdHandle
tProcessHeap
GetProcAddress
vateProfileIntA
oduleHandleA
GetModuleFileNameA
astError
athNameA
e
GetFileAttributesA
sA
eProcess
onmentVariableA
A
peA
A
GetCurrentThreadId
urrentThread
GetCurrentProcessId
s
source
xchange
y
ceA
leA
FileTimeToSystemTime
me
LocalFileTime
FileTimeToDosDateTime
ime
read
umResourceNamesA
lendarInfoA
calSection
DosDateTimeToFileTime
ileTime
ion
eateProcessA
pe
texA
gA
A
oryA
A
CloseHandle
Beep
ll
ValueExA
ryInfoKeyA
RegOpenKeyExA

rsingleobject

adFile
ekNamedPipe
enProcess
iByteToWideChar
r
leA
wOfFile
source
lFileTimeToFileTime
LocalAlloc
urce
aryA
ticalSection
CriticalSection
n
HeapAlloc
alUnlock
Status
alFree
obalFindAtomA
A
Atom
GlobalAddAtomA
DirectoryA
olumeInformationA
GetVersionExA
tUserDefaultLangID
tTickCount
ocale
athA
temPowerStatus
temDirectoryA
GetStdHandle
tProcessHeap
GetProcAddress
vateProfileIntA
oduleHandleA
GetModuleFileNameA
astError
athNameA
e
GetFileAttributesA
sA
eProcess
onmentVariableA
A
peA
A
GetCurrentThreadId
urrentThread
GetCurrentProcessId
s
source
xchange
y
ceA
leA
FileTimeToSystemTime
me
LocalFileTime
FileTimeToDosDateTime
ime
read
umResourceNamesA
lendarInfoA
calSection
DosDateTimeToFileTime
ileTime
ion
eateProcessA
pe
texA
gA
A
oryA
A
CloseHandle
Beep
ll
ValueExA
ryInfoKeyA
RegOpenKeyExA

nkeyexa

tSidSubAuthority
ty
tifierAuthority
urrentHwProfileA
TokenPrivileges
2.dll
rtup

vbyname

erationA

skmemfree

ageList_SetIconSize
nSize
t_GetIconSize

ygetubound

ImageList_GetBkColor
or
geCount
roy
wininet.dll
ternetOpenUrlA
OpenA
ectA

veinunprepareheader

ipCreateBitmapFromStreamICM
Stream
ormat
ext
GdipDisposeImage
sShutdown
GdipFree
vapi32.dll
erviceA
viceStatus
ServiceA
OpenSCManagerA

der

ormat
ext
GdipDisposeImage
sShutdown
GdipFree
vapi32.dll
erviceA
viceStatus
ServiceA
OpenSCManagerA

rssize

leteService
rviceA
lService
erviceHandle
l
mInformation
pi32.dll
BufferFree

ecti

lService
erviceHandle
l
mInformation
pi32.dll
BufferFree

gera

mOpen
aramsA
mEntriesA
dll

cialfolderpatha

ValueExA
penKeyExA
y

icy

StringA
eBoxA

infoa

lloc
kCount

Sections

.text
Size: 562KB - Virtual size: 561KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 46KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9bd031cc9e24c1765514ace3deed380

Headers

File Characteristics

Imports

32

itmessage

rnel32

rsingleobject

nkeyexa

vbyname

skmemfree

ygetubound

veinunprepareheader

der

rssize

ecti

gera

cialfolderpatha

icy

infoa

Sections

.text Size: 562KB - Virtual size: 561KB

.itext Size: 6KB - Virtual size: 6KB

.data Size: 11KB - Virtual size: 11KB

.bss Size: - Virtual size: 46KB

.idata Size: 16KB - Virtual size: 16KB

.tls Size: - Virtual size: 56B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 34KB - Virtual size: 34KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 562KB - Virtual size: 561KB

.itext
Size: 6KB - Virtual size: 6KB

.data
Size: 11KB - Virtual size: 11KB

.bss
Size: - Virtual size: 46KB

.idata
Size: 16KB - Virtual size: 16KB

.tls
Size: - Virtual size: 56B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 34KB - Virtual size: 34KB

.rsrc
Size: 45KB - Virtual size: 45KB