General

  • Target

    96139ecae93cb64d0f62900c0759c62e0917e08c9555eb0704102da9c7615ead.exe

  • Size

    704KB

  • Sample

    241205-xfwrsswrfx

  • MD5

    414988e0c8a5d0a7efe3533eb1993308

  • SHA1

    fa9e85df2643421f63c525a8a1f838d4ca7fb36a

  • SHA256

    96139ecae93cb64d0f62900c0759c62e0917e08c9555eb0704102da9c7615ead

  • SHA512

    dbe095d04aaf33749af677db557064b7104781aa2788230eebe1a1b6d935e1b17abb71e4dfc34f72fa3b3ea64c28e6049e2b486e992fccf3610a7723b5e15ac2

  • SSDEEP

    12288:27l0HhGOehowqTR+8re/7oxYOvOK+e0cfIlhKGHqsW/QUWs:ul0HOho5TM0SOYQsfKiUf

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Suspicious use of SetThreadContext
