Overview

overview

10

Static

static

10

69674cbf9e...18.exe

windows7-x64

10

69674cbf9e...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69674cbf9e194c694211fc36a98fceb9_JaffaCakes118

  • Size

    635KB

  • Sample

    241022-hsg2vasgrf

  • MD5

    69674cbf9e194c694211fc36a98fceb9

  • SHA1

    83eb4dbed42df608a9486581eef7ebd89b6d4575

  • SHA256

    ca383f7e1d0eb32eca2021fdbc3222cf7c38ed5f7f243e56f135b438efd8013c

  • SHA512

    395f7d465399b513b07f4af5d1f7242a5b336a272eca9ba4204cfa381b259875290e1779a362c5b5f937e57d86fa8fa1e737939e03695476b80003e6c6ff6c05

  • SSDEEP

    12288:wpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG95uhKIXn//:KwAcu99lPzvxP+Bsz2XjWTRMQcQkIXnn

Score
10/10
darkcometdiscoveryrattrojan

Malware Config

Targets

    • Target

      69674cbf9e194c694211fc36a98fceb9_JaffaCakes118

    • Size

      635KB

    • MD5

      69674cbf9e194c694211fc36a98fceb9

    • SHA1

      83eb4dbed42df608a9486581eef7ebd89b6d4575

    • SHA256

      ca383f7e1d0eb32eca2021fdbc3222cf7c38ed5f7f243e56f135b438efd8013c

    • SHA512

      395f7d465399b513b07f4af5d1f7242a5b336a272eca9ba4204cfa381b259875290e1779a362c5b5f937e57d86fa8fa1e737939e03695476b80003e6c6ff6c05

    • SSDEEP

      12288:wpwABK90BOe/x9lPAYvxPQVjdsAY2XjWlnlpTMMXG95uhKIXn//:KwAcu99lPzvxP+Bsz2XjWTRMQcQkIXnn

    Score
    10/10
    darkcometdiscoveryrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks