General

  • Target

    445da1eb7c58d577c1091d878e05cae5_JaffaCakes118

  • Size

    30KB

  • Sample

    241014-1r3w2aycla

  • MD5

    445da1eb7c58d577c1091d878e05cae5

  • SHA1

    7de6269de478c1e883a342bf1eb85fa675429fbf

  • SHA256

    79a26eaa9e03ddeb586d29b1b95be48636ba2be37ebabe83f2c648b4dcf32b60

  • SHA512

    940b34ac04b36d94fe6bc84f840cd3eefdfa2b371299c43b64c05829377ae3104b6d53a8c2544ea259b767dc323e225e6ca35aca0f909a8ed4900878317608d2

  • SSDEEP

    384:ph92Cfflq1lXindH1jF9m4AvwghmMCHFGmmT8TUm5oMO6pVSV:ph9pf+lXinhdF9mjvVn0TUmmAVo

Targets

    • Target

      445da1eb7c58d577c1091d878e05cae5_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
