darkcomet | bf3aa24a27b223894c4f64ecfd987780_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf3aa24a27b223894c4f64ecfd987780_JaffaCakes118
Size

792KB
MD5

bf3aa24a27b223894c4f64ecfd987780
SHA1

872628c3614ba664359e986803a872fc509a554e
SHA256

5babe4a5a4207795e16e73676334f4c9700cafbc9e6d0614302f88eb4c432bb3
SHA512

a3e972e50dd4a9d3f38e8a425d70102cc07aad0243af0c28ed6090ddc1ebd32a35485ce33e597ada39c413e41b8fca43bbccf5439089ec3c034ec1afcfeb7348
SSDEEP

12288:RaAchpWsuVTv7ItY8XljyypHP7cOLBev03hlULsmWZ++09ZcKDzs:cAEENIq8XwyVPQclDq/+Wn/s

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf3aa24a27b223894c4f64ecfd987780_JaffaCakes118

Files

bf3aa24a27b223894c4f64ecfd987780_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.MPRESS1
Size: 764KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE