General

  • Target

    cd1f24ff03c12972e51f7e6ebf43f556_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241206-p8wnhatrfn

  • MD5

    cd1f24ff03c12972e51f7e6ebf43f556

  • SHA1

    9879483cef192b87601e12ed02b37930422d7418

  • SHA256

    05de9d82466e1bda62e7d606a7fd87fb33cac0264dc37718a46fda86d84383e4

  • SHA512

    5ad44e308c7ed41efbe1143a929b17c55865b3e6f27b153d474ee4099e86385da7a41dd84965fde3e1d108a48144a87877a177070c64718f279f4aa683c986f5

  • SSDEEP

    24576:mVKHkkUv8dEMDwZAlfF7f7e3g/ja35/IwdiW2AI+MB55KE0hSqxMNcK:md4R8ZAld7e3gW35H2AY553sSqaX

Malware Config

Targets

    • Target

      cd1f24ff03c12972e51f7e6ebf43f556_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks