General

  • Target

    5c2db70f99be448c7ce5eef4004e3b99_JaffaCakes118

  • Size

    527KB

  • Sample

    240719-qza6waxdjd

  • MD5

    5c2db70f99be448c7ce5eef4004e3b99

  • SHA1

    4fa84d05e3d0764357795ebd5b74a5386a92752f

  • SHA256

    7a097c0d98ef1eb154add34a8641bda4d9cec751c722cb1af1fae9aaef71cc78

  • SHA512

    2f2123020258d28c6b83c32584e26ae505c40fb5b47121c5dd2cc22813b92d84bd7aa7dcc5d9df56fc6928d00e77adc977b1ebe9718968c1f6af7ba1c3d99b7f

  • SSDEEP

    12288:Q9jXIMlSia8JyH8d3zScOC9Y/OiaWVVJL0GGCXNc/5:UjRNauycd3zSA19+Q+u5

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-0SR134T

Attributes
  • gencode

    8QPKGQajuMgz

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      5c2db70f99be448c7ce5eef4004e3b99_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
