General

  • Target

    93863633fda3863ce1940362b779d2cb_JaffaCakes118

  • Size

    658KB

  • Sample

    240813-r3cdsayhra

  • MD5

    93863633fda3863ce1940362b779d2cb

  • SHA1

    caea6d245b2dc2c24a887769aaead8edf072c20d

  • SHA256

    078acdf1892519621f10ef9cd612c0c7ad3981edd8ae058ccf882f7acbbee837

  • SHA512

    1013b91f708081304d748a6762a6cb343626eef67f55ccc9821b382d4e1595bab7ea834f6470b3371d2a6619a01b3da5a9ad6feadc40d2e50bf419bdea111844

  • SSDEEP

    12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hQ:GZ1xuVVjfFoynPaVBUR8f+kN10EBG

Malware Config

Extracted

  • Family

    darkcomet

  • Botnet

    Guest16

  • C2

    firaskam.no-ip.biz:81

  • Mutex

    DC_MUTEX-VQJDUQC

Attributes
  • gencode

    iL9CDBM0KovR

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
