General

  • Target

    62a90eb21c95884da99c75a29bbdc8c4_JaffaCakes118

  • Size

    721KB

  • Sample

    240722-k9aefazard

  • MD5

    62a90eb21c95884da99c75a29bbdc8c4

  • SHA1

    a3e6ea5c2b97d18808ad0977084af4042b45f7f7

  • SHA256

    2d1921305289d295e284c809722da0d2e99e178a360e703cbb742b2b8c6e8beb

  • SHA512

    ede29edeeac4226a82193e0a60f051b936dbe9ebcf1b9479b4f9ff6eb868c0b7314dd04c0cfb8b587c9f802549ecd2b05f4aba808e0b488b02552fbd0dd21a6f

  • SSDEEP

    12288:cHxmO5AXCqWo03bPWRQPd5DF3e2RnGx0a+CSLV2J+26B:cRj+PWoNaJe2RnGxLo28

Score
10/10

Targets

    • Target

      62a90eb21c95884da99c75a29bbdc8c4_JaffaCakes118

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext
