General

  • Target

    6749cefc804bddb2498bf44bcbec4737_JaffaCakes118

  • Size

    478KB

  • Sample

    240723-my8h7ssbkb

  • MD5

    6749cefc804bddb2498bf44bcbec4737

  • SHA1

    71c01eff2528e3cf384c445a983974be615f1c9c

  • SHA256

    78d75670c74867fde92e54a5a11f2e887416aa2bbcbb9ab52fb3b1e238ecc8a5

  • SHA512

    dc19faf1aad0da0b182a04994b8f992844e2284acc5aaabc89688f75c0e5f0827f5eb6cb53f8c160335eb3773c0299c4811f7d56b090f0895f24679fa47878ee

  • SSDEEP

    12288:U5OnCTI2IO6X4/694BEMQ3x5jJK5g+EZMuRGg:UInCEm6X54B8B5jJstSRRp

Score
10/10

Targets

    • Target

      6749cefc804bddb2498bf44bcbec4737_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
