Extracted

• • Target

    bd928600020f98a70c34e1ac446236a2_JaffaCakes118

  • Size

    811KB

  • MD5

    bd928600020f98a70c34e1ac446236a2

  • SHA1

    a2cb2b695df8ab0a34eb9ce7a05e13b78981c5ab

  • SHA256

    b655f23bab76ef45990feeffd93bf5c7da37a0d0a0e798247d4339ce4f3e7da6

  • SHA512

    b292fefaabfc52d504dbade7fdaf1c91f6d75de15729ad8b421a11c17ce5de1d4f7becdaeef139e39d44b208a0ee28d26d1e0760133ce6cef0afcb93a7b76267

  • SSDEEP

    12288:baAchpWsuVTv7ItY8XljyypHP7cOLBev03hlULsmWZ++09ZcKDVsgd:uAEENIq8XwyVPQclDq/+WnpsS

  Score

  10^/10

  darkcometlatentbotdiscoveryevasionrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Modifies firewall policy service

    evasion

  • Modifies security service

    evasion

  • Windows security bypass

    evasiontrojan

  • Disables RegEdit via registry modification

    evasion

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Windows security modification

    evasiontrojan
  behavioral1behavioral2