General

  • Target

    d55af79b45ec3c0965ff4fc844061fb8_JaffaCakes118

  • Size

    786KB

  • Sample

    241208-fl2fssypdl

  • MD5

    d55af79b45ec3c0965ff4fc844061fb8

  • SHA1

    fbc18eae4266e6190643a276db627b60e93af814

  • SHA256

    776a03577c0447f7ac2479c0f23a6a8d40073f93c8ae95f68dfa0041fbe16dda

  • SHA512

    44f1c3609897384ae84e34ec4cfed77232fd30ff0436ef4aa05b42a9e50f773875ebbcfbd3e6d52e95eed0def99d947f2215cf856b39f5ea89f7f7179ad51cf2

  • SSDEEP

    24576:xWn+6qZRxEGeBHVKE23k3yx6fW+r3msx1mm5Vt:sqZYGeBHUhk3T7msxcm5/

Targets

    • Target

      d55af79b45ec3c0965ff4fc844061fb8_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Drops file in Drivers directory

    • Suspicious use of SetThreadContext
