Extracted

• • Target

    b3c205fe5d0021e64e936346cbd4e2cb_JaffaCakes118

  • Size

    1.1MB

  • MD5

    b3c205fe5d0021e64e936346cbd4e2cb

  • SHA1

    03821fe05ec623f9384ca1b9e65c36fdfa43eb09

  • SHA256

    ea468731d7c68df31f817b2b1cc88d5e73f14973a953d72cf56fa982dd8f54b7

  • SHA512

    067b6806bd5c6c8a83c3edb562d99db9aab6b318f4b5b92e6eb56dcfea57699b468e70882fe9da7d2479bf4cfd6d01725e20135c46b3afe09fdd346b9064e897

  • SSDEEP

    12288:5caeZZftARZnSgji8gXI2Hv3AvnqI3vHxjvS+crBOqMxWtqvtITZZBjfVECHxwFG:SFtgj/2oyIPwQqRu2xwPLOSZXRa9Bo

  Score

  10^/10

  darkcometlatentbotdiscoveryrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • LatentBot

    Modular trojan written in Delphi which has been in-the-wild since 2013.

    trojanlatentbot

  • Latentbot family

    latentbot

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2