General

  • Target

    d2b45875945ee0ff06397001a560557c_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241207-qs3ybatmex

  • MD5

    d2b45875945ee0ff06397001a560557c

  • SHA1

    96b7aea6eee7568f7ac5ce28fb354ac16edde9bb

  • SHA256

    f9da7b9ae88f1a89a0464e186a06518aafcf28165848f0fc1cc883353afe47ae

  • SHA512

    54a9ee8b56f04161a0b6f638b7f20768c8d0965543bf9c95a758acceb8489388aeafce33b6cd8583b020518cafac69e0f7e31abe3e036aac0c5e71587ec092ca

  • SSDEEP

    24576:d8uYxSrDzw4GnM0tVovh9p/0k+LDpqliuXgfSx:JYxSvdyFV0f3+L1qliugfSx

Malware Config

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks