Extracted

• • Target

    3132e821f0b47d3d707237eda0e1db8e_JaffaCakes118

  • Size

    1.5MB

  • MD5

    3132e821f0b47d3d707237eda0e1db8e

  • SHA1

    f43410e1de671d63a8f7fa6ba817f46298eb2743

  • SHA256

    3c9191891a6eec95c15b0540656d3be2ac3698fcf86c175efcbe0f0244ee224a

  • SHA512

    840583bd0d65face8a86a373e10d1d28f9b91749448c7f40178bad9125bdda64b5ba195963590fb8fbb1f57caab7b6d24d924b2140640b2ea0d9af025d53cd0b

  • SSDEEP

    24576:saHMv6CorjqnyC8xlDaf9Y6osXaHXsukXrFxsGf2hO/o9:s1vqjdC8PDm9Y6nK3suk/sk259

  Score

  10^/10

  darkcometguest16discoveryrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  behavioral1behavioral2