General

  • Target

    5d06b31229aa680e234485c9fc4c1635_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241019-rj5wzssbqn

  • MD5

    5d06b31229aa680e234485c9fc4c1635

  • SHA1

    571f4338a07a2c20c26dbdc66792675b649b1e24

  • SHA256

    7fbe87545eef49da0df850719536bb30b196f7ad2d5a34ee795c01381ffda569

  • SHA512

    0469e235a13691ff5a058469f04085e5410a53ed596b060ebd17dd6aba45be2845e94ab1d75d85e0411c908ab50e1dfbe550b4baae68e96e8fda9b1f8739ec3f

  • SSDEEP

    12288:2vcXFFMTbLXRF7gmk/waXolVD10GP0QKlOKwEpC10GS1pje05GvExJp5LNBNFPUW:2vK/MTnhtLFaXUVDmoKlP1jvMS1NCI7

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.
