General

  • Target

    749304ae6dda7e1e8f44f8b9ab88ef58_JaffaCakes118

  • Size

    659KB

  • Sample

    240726-slkt9svhjm

  • MD5

    749304ae6dda7e1e8f44f8b9ab88ef58

  • SHA1

    32e86dc53bf9e8aef4ff9f48848a84344c6b2b3b

  • SHA256

    9abdbac29d97950a93627b9c84bcc4c0c1b08322da35f532562c11ac41ffc928

  • SHA512

    69376e1d12a0182315d9ef3a54621c8c7aca84cbdea346c533580a63857205a6f15575b62b67cfbc5dcdf5784576c538fda4487948df797174f340705322b5ef

  • SSDEEP

    12288:MX2JVHMRtDaSm3TJvVNvWV5YTsY7tHwbz/htfcoCoK632zb7G/Q0/:6ss2Sm39NNv9wY7tHwbzfIoK6MoH

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    fnSFmEFHFfLB

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      749304ae6dda7e1e8f44f8b9ab88ef58_JaffaCakes118

    • Size

      659KB

    • MD5

      749304ae6dda7e1e8f44f8b9ab88ef58

    • SHA1

      32e86dc53bf9e8aef4ff9f48848a84344c6b2b3b

    • SHA256

      9abdbac29d97950a93627b9c84bcc4c0c1b08322da35f532562c11ac41ffc928

    • SHA512

      69376e1d12a0182315d9ef3a54621c8c7aca84cbdea346c533580a63857205a6f15575b62b67cfbc5dcdf5784576c538fda4487948df797174f340705322b5ef

    • SSDEEP

      12288:MX2JVHMRtDaSm3TJvVNvWV5YTsY7tHwbz/htfcoCoK632zb7G/Q0/:6ss2Sm39NNv9wY7tHwbzfIoK6MoH

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Enterprise v15

Tasks