darkcomet | b34935d148507d3ef78a5c72a7d3ccf3_JaffaCakes118 | Triage

Sharing

General

Target

b34935d148507d3ef78a5c72a7d3ccf3_JaffaCakes118
Size

575KB
MD5

b34935d148507d3ef78a5c72a7d3ccf3
SHA1

7623b9e172d3545abe52c8390ce2ff5af3408edf
SHA256

aead5feec2aa1684ec02fb98a7ece2d8bc3567eea7ee501f0b3dfa69337880ef
SHA512

b44a0c066e3c23deb36c07bfa6791b9f9e97a640790094f7ce274d9ee67ad53f938eee7f9bd71ea9defa24361b17ea368632979a2f1c4e541068a6ab854d5137
SSDEEP

12288:7k0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/0:w0QRWoJEfg0oChGdJQbjPbNW5tYeP+GE

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b34935d148507d3ef78a5c72a7d3ccf3_JaffaCakes118

Files

b34935d148507d3ef78a5c72a7d3ccf3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ