General

  • Target

    8cb0bb01f530406a938f27faab7827b5_JaffaCakes118

  • Size

    662KB

  • Sample

    240812-bb1passcjg

  • MD5

    8cb0bb01f530406a938f27faab7827b5

  • SHA1

    4a7f423ec3714b58bf15c1d5c891f171fdc8bc5d

  • SHA256

    7ba889bcdf07582a3ea01b5935edad3db1981dc197ddad3d6db0b88eef7799a0

  • SHA512

    88bbe89d1987dc3d5ce47941b34927f20a75816953e78552ccc93d405523bf2e1a517322c71b243f72256469f083655ce7d3f1f6cc6ed7fc8d8d4a528132d796

  • SSDEEP

    12288:83OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/R/:qOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgb5

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    S5wKdhP2xZSZ

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      8cb0bb01f530406a938f27faab7827b5_JaffaCakes118

    • Size

      662KB

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
