darkcomet | 920a6ee052bcfaf17abf6977431a6bd8_JaffaCakes118 | Triage

Sharing

General

Target

920a6ee052bcfaf17abf6977431a6bd8_JaffaCakes118
Size

805KB
MD5

920a6ee052bcfaf17abf6977431a6bd8
SHA1

77541716906dc4be85ac39ea2dfced1a9ef57861
SHA256

b088833e8dddce0b2f6d61ddefcfdc7e19941a46a8726df5efa90809cdc8f68d
SHA512

871b134ed9d639409fc62e7f9a18ae25e673b528bf88b2e45b3931584b00c0b05f444ccb8467c6c34093b058b72833b0d1739d7bb1b6573ce25fb75c275a8f2d
SSDEEP

12288:UIRDYapjqxhDjaAchpWsuVtDnBsBDJIcynnC90levX4CuYf2D82T3s99+VHuNKO2:U0qrmAEE3uBDhynCylQgi63O9+VuNI

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
920a6ee052bcfaf17abf6977431a6bd8_JaffaCakes118

Files

920a6ee052bcfaf17abf6977431a6bd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 4KB - Virtual size: 4KB