Overview

overview

10

Static

static

3

a567e01530...18.exe

windows7-x64

10

a567e01530...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a567e01530357677c5f137e2caaa081d_JaffaCakes118

  • Size

    536KB

  • Sample

    240818-e7s6wawarc

  • MD5

    a567e01530357677c5f137e2caaa081d

  • SHA1

    ad3e9d901430af750ae5638707d362b8a8eb8392

  • SHA256

    32e70ee65b4b34e3492d46144d16e4f4944d671da146a398b7df244241978410

  • SHA512

    82098572bd67d3e943d119840beb6b451a8db3c4c139cca59259411fc3eeac70b01771d2bc9154c659ce155505686d4679307f4063d02c77d0a0bf862fbb52d0

  • SSDEEP

    12288:nHA9mUcrY8driIQHG2D1axkPKdMSgbVSOdcnVoWDj:nHA9FWY8BiIwG2BJFSPloWDj

Score
10/10
darkcometdiscoveryrattrojanupx

Malware Config

Targets

    • Target

      a567e01530357677c5f137e2caaa081d_JaffaCakes118

    • Size

      536KB

    • MD5

      a567e01530357677c5f137e2caaa081d

    • SHA1

      ad3e9d901430af750ae5638707d362b8a8eb8392

    • SHA256

      32e70ee65b4b34e3492d46144d16e4f4944d671da146a398b7df244241978410

    • SHA512

      82098572bd67d3e943d119840beb6b451a8db3c4c139cca59259411fc3eeac70b01771d2bc9154c659ce155505686d4679307f4063d02c77d0a0bf862fbb52d0

    • SSDEEP

      12288:nHA9mUcrY8driIQHG2D1axkPKdMSgbVSOdcnVoWDj:nHA9FWY8BiIwG2BJFSPloWDj

    Score
    10/10
    darkcometdiscoveryrattrojanupx

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks