General

  • Target

    66c88d79145547ae18679bdd9e2a889a_JaffaCakes118

  • Size

    748KB

  • Sample

    240723-j22y2swcme

  • MD5

    66c88d79145547ae18679bdd9e2a889a

  • SHA1

    5f131002f38e6aaf101c69290a15f9849157b467

  • SHA256

    4c1ae3959e90dbf7bb560f0a6464693fc2241c3febb86b118161904e12385db0

  • SHA512

    8b763bd7ec9fbd17d1f68cb4e56a551c0e0d116fe13a1d6e562e414b9918cdaff6a211479ee8890b6c983c4963188c8750cdd43ea03315a111cf6ffc3f2833ae

  • SSDEEP

    12288:/Dnwsm3P9SJoy+sYI70Nh1ElOluIDVavkN58VHw/AvIuHDhy8T7BDtt0JF3eq:7wsslSSy4u0NhimuIDVjL8O/NuHDhz7s

Targets

    • Target

      66c88d79145547ae18679bdd9e2a889a_JaffaCakes118

    • DarkComet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Modifies firewall policy service

    • Suspicious use of SetThreadContext
