Overview

overview

10

Static

static

10

11d7eca2d2...18.exe

windows7-x64

10

11d7eca2d2...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    11d7eca2d22c48008e98c39dd4623588_JaffaCakes118

  • Size

    756KB

  • Sample

    241004-e51g6sydpb

  • MD5

    11d7eca2d22c48008e98c39dd4623588

  • SHA1

    d5d1600c7875c06aaf23a34895a8b81e4b475732

  • SHA256

    b4487cd8a2cb58d2c845fd396e604dcc4a08c962c058aceddc5e5e44a3c659d4

  • SHA512

    985c573f2d179db0cd99e3bf22b956c31d60f5aac43c2bb190b8aec20577c7563c0e85da85d30897c6645e856fe596fd65191c34303848a4513069a29f81bfd5

  • SSDEEP

    12288:u9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hPFIIhIIX:6Z1xuVVjfFoynPaVBUR8f+kN10EBZ

Score
10/10
darkcometguest16discoveryrattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

178.4.22.150:1604

Mutex

DC_MUTEX-WMLZ7DN

Attributes
  • gencode

    8plhM0LdT42Q

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      11d7eca2d22c48008e98c39dd4623588_JaffaCakes118

    • Size

      756KB

    • MD5

      11d7eca2d22c48008e98c39dd4623588

    • SHA1

      d5d1600c7875c06aaf23a34895a8b81e4b475732

    • SHA256

      b4487cd8a2cb58d2c845fd396e604dcc4a08c962c058aceddc5e5e44a3c659d4

    • SHA512

      985c573f2d179db0cd99e3bf22b956c31d60f5aac43c2bb190b8aec20577c7563c0e85da85d30897c6645e856fe596fd65191c34303848a4513069a29f81bfd5

    • SSDEEP

      12288:u9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hPFIIhIIX:6Z1xuVVjfFoynPaVBUR8f+kN10EBZ

    Score
    10/10
    darkcometguest16discoveryrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks