General

  • Target

    76b27fb0cf68b6bd9e32547856fca887_JaffaCakes118

  • Size

    696KB

  • Sample

    240727-csjmsatfmf

  • MD5

    76b27fb0cf68b6bd9e32547856fca887

  • SHA1

    ffc4773dbd5c23e9c99b121ade322b160a76c737

  • SHA256

    5b2affa188704510f48eaed61522632ff7d95fd462b1e508ee02538e9d6a3a17

  • SHA512

    993fc6a5f7e931320441e63203b4d4c7efafbac213cbf37af4bc003799c143171f6009b73647232235053f258771f8a68a9e586d76256efcb39e6a5483d30123

  • SSDEEP

    12288:IrcZkHbetlOj86SSHw9J7Yxn1mElPqHGogo8ghowmE+KGucp/lQmXHeAmu7Os:IrcYbefv3SHsQmEnogo8ghrm/p/lQmXp

Malware Config

Extracted

Family

darkcomet

Botnet

HF

C2

192.168.0.2:100

surfingforus.zapto.org:100

Mutex

DC_MUTEX-B4DJA70

Attributes

  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    ShXk49WH4tyF

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    MicroUpdate

Extracted

Family

latentbot

C2

surfingforus.zapto.org

Targets

    • Target

      76b27fb0cf68b6bd9e32547856fca887_JaffaCakes118
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • LatentBot

      A modular trojan written in Delphi that has been in the wild since 2013.

    • Modifies WinLogon for persistence

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks