General

  • Target

    6155586546e8b7ba07b4135c28d2920c_JaffaCakes118

  • Size

    888KB

  • Sample

    241020-kmjpla1djj

  • MD5

    6155586546e8b7ba07b4135c28d2920c

  • SHA1

    aa6c31c8edec7a748920bfd8aabb8351e7375ddf

  • SHA256

    2dd6298ba2027716d0a002b82d0487507ac1de0fd891f34f8166905679f84c3b

  • SHA512

    68c12c32f8d5a4aee71e8fb5a0a45c012822cf7e6e1d62311303fb5d8f82f26c9fc3503bf40a4b50636eabb953a845298d8d9ffbbb5b6fbaac60838099795115

  • SSDEEP

    12288:lzej/8xNa7HyfLvj1KGlpt1+hhg8+M/dMOImF19j++Qx/lyMbKAQt7R0:G8ra7mFK2SrfL/imF11CxIMgx

Malware Config

Targets

    • Target

      6155586546e8b7ba07b4135c28d2920c_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read from the registry to detect sandbox environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks