General

  • Target

    6158797e15e09634b8f46fc0479f1506_JaffaCakes118

  • Size

    660KB

  • Sample

    240721-zmgmkatglh

  • MD5

    6158797e15e09634b8f46fc0479f1506

  • SHA1

    1b99ca1a7fdf6d56bf4c8403d7663b03720b60f4

  • SHA256

    76b93119e1a20762830dcb9935f4d08ee4483679040a2b0446eb64eaeba899f2

  • SHA512

    ded6792dc79faad01283f4d2b3cba100619c0bf73cd4377ac9fee35ed22e6dc737c652d0ff7e2ff9bd4ca70de13f6c83642fec5aee4b14d154dc8c817286cf96

  • SSDEEP

    12288:AXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452U0:GnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jk

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

192.168.1.39:1604

90.185.214.185:1604

Mutex

DC_MUTEX-FRRKXRV

Attributes
  • gencode

    FHLSczYHpcy7

  • install

    false

  • offline_keylogger

    false

  • password

    miller

  • persistence

    false

Targets

    • Target

      6158797e15e09634b8f46fc0479f1506_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
