darkcomet | ebb55c33d5868d1cee2f5a7e33a4c8b9_JaffaCakes118 | Triage

Sharing

General

Target

ebb55c33d5868d1cee2f5a7e33a4c8b9_JaffaCakes118
Size

2.1MB
MD5

ebb55c33d5868d1cee2f5a7e33a4c8b9
SHA1

0abdb4b5d5a144107d793495f6f19ff0ef79b472
SHA256

abda817cd7eb57adf2d9f93962a37dda5f52bf2e68bf85a04cae3dd166937cd8
SHA512

eb9a35d551900ed65129fe21d6bfee5e2591d569e964edeae7f03040ea8825b66e915c425a318e089bef85f498922082c8ef64675f55debac972dbfea265d5c2
SSDEEP

24576:Jx03nIlcXgYZhukuphb03nZupGxe9qee4fjR3nbWmJVJFwSddIXvfhqbiaxvRxq6:Jx0ycXgYWFX0cz9/e4fhamdZdcBYTZ

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebb55c33d5868d1cee2f5a7e33a4c8b9_JaffaCakes118

Files

ebb55c33d5868d1cee2f5a7e33a4c8b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Giovani\Desktop\Exploit Binder\Exploit\Exploit\Exploit\obj\Debug\Exploit.pdb

Imports

mscoree

_CorExeMain

Sections

.ADIF
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ