General

  • Target

    98cb9f851b9c55376d7f5dd9233dd6d1_JaffaCakes118

  • Size

    660KB

  • Sample

    240815-edefmayaqp

  • MD5

    98cb9f851b9c55376d7f5dd9233dd6d1

  • SHA1

    b4af87c540ee7dabfd437e427cbd28abf0a786bf

  • SHA256

    cb29c438bede2b34e370d5bc066d9bb56b7db611274e6617133df2e1e08e1cf2

  • SHA512

    893159ef77acb959e32aa74f3fc9d906594bf95ca628fdf46c0c20675c7bd3ac875e49412a519ea01e4561d120642fdbe05a5c701b3922f24a45337677c1bad0

  • SSDEEP

    12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Ue:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Ju

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    LSU387r0cGGq

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
