General
-
Target
62f17e42e40ef731f7997f09d387ea3c_JaffaCakes118
-
Size
556KB
-
Sample
241020-ss225axbqr
-
MD5
62f17e42e40ef731f7997f09d387ea3c
-
SHA1
65de51fc088ac3ca3a64b6aa0ad090168d1720d0
-
SHA256
ef50d205665a80d0eb8e74f8ccd409502cfe13d6658efd1c3b593a7c6d7a3eab
-
SHA512
b746a1068d97a91b4e460b14b992251a4706bf5f5e2332bfc77aaec0169840d35f7fb265835c85b4c74a38c3ce411aedc6de2add4951b80aecae1370cdcf2a8a
-
SSDEEP
12288:GMuOLl1rkHbSuPpjrYIOdHTPbZY/KArakBo9aFyX:GMuul1SbSyjrYnz9YC0ueyX
Malware Config
Targets
-
-
Target
62f17e42e40ef731f7997f09d387ea3c_JaffaCakes118
-
Size
556KB
-
MD5
62f17e42e40ef731f7997f09d387ea3c
-
SHA1
65de51fc088ac3ca3a64b6aa0ad090168d1720d0
-
SHA256
ef50d205665a80d0eb8e74f8ccd409502cfe13d6658efd1c3b593a7c6d7a3eab
-
SHA512
b746a1068d97a91b4e460b14b992251a4706bf5f5e2332bfc77aaec0169840d35f7fb265835c85b4c74a38c3ce411aedc6de2add4951b80aecae1370cdcf2a8a
-
SSDEEP
12288:GMuOLl1rkHbSuPpjrYIOdHTPbZY/KArakBo9aFyX:GMuul1SbSyjrYnz9YC0ueyX
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5