darkcomet | 779f8cf7d9d411b0d3dc8bc2d125898d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

779f8cf7d9d411b0d3dc8bc2d125898d_JaffaCakes118
Size

856KB
MD5

779f8cf7d9d411b0d3dc8bc2d125898d
SHA1

f547b91722ed298bb454b1cb5c46a99ade1ed549
SHA256

ca0c92fda07cf277e441309bf4285b544b0f725821ff15ce7d1fdac12e3265d6
SHA512

c66aae6cae5581fc358e896d3517d2338e52bcb1511fdf69979168dcb03cc539e346f67ea246f1ce47ba8f4f16f6165990dd8173940c575bd3b24efc53eddec9
SSDEEP

12288:saAchpWsuVtDnBsBDJIcynnC90levX4CuYf2D82T3s99+VHIN5l:NAEE3uBDhynCylQgi63O9+VIN5

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
779f8cf7d9d411b0d3dc8bc2d125898d_JaffaCakes118

Files

779f8cf7d9d411b0d3dc8bc2d125898d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.MPRESS1
Size: 796KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE