Extracted

• • Target

    a91ef031e39af623f883d385993b5391_JaffaCakes118

  • Size

    722KB

  • MD5

    a91ef031e39af623f883d385993b5391

  • SHA1

    47a01e469d55ee3a57a4f3ef98e813a271524190

  • SHA256

    9ca380347f874821fb939c9e6e02575d271c7e6d0f6e53b1685f24ffaf35ae2d

  • SHA512

    9cf436b08008e11bb9d3768838ceac22a7f94eb05e6e1154f79507613e0084736a45780150044dec0171da6f86ebbd451b9d5f99546022292dcd0921dda65fa6

  • SSDEEP

    12288:QFLlJnnbWOtz6sVJhvaz1Qc/WdI//vfM4qwrbkniafLo6vUTyl0w/q9jJD:A3nbWmJVJFwSddIXvfhqbiaxvRxq9J

  Score

  10^/10

  darkcometlatentbotdiscoveryevasionrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Windows security bypass

    evasiontrojan

  • Sets file to hidden

    Modifies file attributes to stop it showing in Explorer etc.

    evasion

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Windows security modification

    evasiontrojan
  behavioral1behavioral2