Extracted

• • Target

    9a27e7f280ba28570bc127b286a96d7e_JaffaCakes118

  • Size

    756KB

  • MD5

    9a27e7f280ba28570bc127b286a96d7e

  • SHA1

    9841e19004683dca3edef18e7b7b29e4f2f1f67a

  • SHA256

    d5fe408bf652e756b0e2c30aacb9f5135c9ef22598cc508d012fb70434e19055

  • SHA512

    5246b17f1c1299eeec8416cbce1bcc12d1d693500660ef0241e70bdcd2a26f59cd987b7c20dbb3995536bded26e6393f49a6be7f6c192861a35b39a71cd6a0e2

  • SSDEEP

    12288:p9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKAebHhwhE:PAQ6Zx9cxTmOrucTIEFSpOGMHhwhE

  Score

  10^/10

  darkcometlatentbotdiscoveryrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2