Overview

overview

10

Static

static

10

53d73b4253...18.exe

windows7-x64

10

53d73b4253...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    53d73b42530d5b03aff7f4de6d047e08_JaffaCakes118

  • Size

    647KB

  • Sample

    241017-1d3zwaxfkh

  • MD5

    53d73b42530d5b03aff7f4de6d047e08

  • SHA1

    33d5d6645fe6a872835af8000900eb1e96e6cd07

  • SHA256

    9428e367c2986ae02203092b8c9d1a6daed612804534b0b060384e62c00f8de9

  • SHA512

    2690eaf0fd8eb024360656016972e0484487524fffb183c9a0c1ed8af2717f2065b9cd702ebfab4e0a7658fceb34d5e9a0f917a69a109060dffd649d80f42887

  • SSDEEP

    12288:I6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhO:tAmBpVKHu0Mu9Xo20VGLVP5O

Score
10/10
darkcometdiscoveryevasionrattrojan

Malware Config

Targets

    • Target

      53d73b42530d5b03aff7f4de6d047e08_JaffaCakes118

    • Size

      647KB

    • MD5

      53d73b42530d5b03aff7f4de6d047e08

    • SHA1

      33d5d6645fe6a872835af8000900eb1e96e6cd07

    • SHA256

      9428e367c2986ae02203092b8c9d1a6daed612804534b0b060384e62c00f8de9

    • SHA512

      2690eaf0fd8eb024360656016972e0484487524fffb183c9a0c1ed8af2717f2065b9cd702ebfab4e0a7658fceb34d5e9a0f917a69a109060dffd649d80f42887

    • SSDEEP

      12288:I6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhO:tAmBpVKHu0Mu9Xo20VGLVP5O

    Score
    10/10
    darkcometdiscoveryevasionrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks