General

  • Target

    4ff78ae54f6861483f9a8bdcaeb795ae_JaffaCakes118

  • Size

    1.5MB

  • Sample

    241017-a7teessgqe

  • MD5

    4ff78ae54f6861483f9a8bdcaeb795ae

  • SHA1

    ac329f2dc21360332008bce79116794d2b5e0f16

  • SHA256

    a988fb19b97ca84b09e97874d935ec016a02f1f0ad09c46797f4065813cb0820

  • SHA512

    1e8ec4dd3c2d88669f2643df8df38f83618b1cc4bde890c0ff97c7813e8114893625b62ccebb49b506520c91afef98c578e5b155c0c2d8a30d1257b37b056820

  • SSDEEP

    24576:o0QRWoJEfg0oChGdJQbjPbNW5tYeP+GFAP+g6CP65zX18GCppsGA+ZkLmuIP65ag:jQRV2o3MPY5A2CPOFIj1NEbRj/9

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

188.4.62.186:1604

Mutex

DCMIN_MUTEX-84Z59Q3

Attributes
  • gencode

    5C4yyzPaYqGr

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      4ff78ae54f6861483f9a8bdcaeb795ae_JaffaCakes118

    • Size

      1.5MB

    • MD5

      4ff78ae54f6861483f9a8bdcaeb795ae

    • SHA1

      ac329f2dc21360332008bce79116794d2b5e0f16

    • SHA256

      a988fb19b97ca84b09e97874d935ec016a02f1f0ad09c46797f4065813cb0820

    • SHA512

      1e8ec4dd3c2d88669f2643df8df38f83618b1cc4bde890c0ff97c7813e8114893625b62ccebb49b506520c91afef98c578e5b155c0c2d8a30d1257b37b056820

    • SSDEEP

      24576:o0QRWoJEfg0oChGdJQbjPbNW5tYeP+GFAP+g6CP65zX18GCppsGA+ZkLmuIP65ag:jQRV2o3MPY5A2CPOFIj1NEbRj/9

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Enterprise v15

Tasks