General

  • Target

    3b1ab34b412d7575d8953b26c32398d3_JaffaCakes118

  • Size

    811KB

  • Sample

    241012-vffz8svfrk

  • MD5

    3b1ab34b412d7575d8953b26c32398d3

  • SHA1

    febf09c53c7c24885229b2ccd9e7b7dfcfa5f648

  • SHA256

    69a055892ada6f0b2707cf797dc759e59ef216f0976dc8d3916ecf168fcdfb01

  • SHA512

    b3b38fc661ab8fc408461f0ca09256fed6436c7d6e9709fed513d7ecc72f55c10e75390557bcbec52679c2369a31e2d865ac5f35023da0e661965ed5d0640692

  • SSDEEP

    12288:LaAchpWsuVTv7ItY8XljyypHP7cOLBev03hlULsmWZ++09ZcKDVsgdA:+AEENIq8XwyVPQclDq/+WnpsSA

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Drops file in Drivers directory

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.
