General

  • Target

    b42ea2a14fff5db36f28f71e66d5239e_JaffaCakes118

  • Size

    1.7MB

  • Sample

    241130-ag2ywayjen

  • MD5

    b42ea2a14fff5db36f28f71e66d5239e

  • SHA1

    400104689f114534c6826c10d8308b9e787553e5

  • SHA256

    1f5c8423e03b1745115448f8a618891e9fbe4c8693a8cf01f593c1a6b959394c

  • SHA512

    4644b6714dd7f4f5ca101e38d879b00c58ef8716a3a2598ef2cea2f9753af880d8c8d2acab1d1f434f1abc5730f290eff49e236ed829b54e2f6ff207875a7f77

  • SSDEEP

    12288:NyggX4kXcIa4wtIXRigvriBFFdbIG2oIvvQgwTULraI5sdFTjq7BE726AOvX/lnW:qIwQC9urx+Kzri

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE
