General

  • Target

    d9388137a0f9300f73f8df37ad58c0a0_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241209-ms6gnazkdn

  • MD5

    d9388137a0f9300f73f8df37ad58c0a0

  • SHA1

    7b8d85b70c5c5be9c112f4806df8c28e28a76fd5

  • SHA256

    547956561b1714de667c3ec27fc147b26cff8cc8e7b7d44b8b8c2dd5330d00f5

  • SHA512

    aea1bb6d89da9bdbebd654e665c21903c54d80334e929ac0b6be4b25c60f5b4a45987c857e93fcf478ee6f4f4a82d7583541e0df0679d06d6cdc6d5dbfa0eeb8

  • SSDEEP

    12288:QB8gZtTfGQ6jrHPGB6qUYRUDUXNCiVu/wjE1ymyoTfgsCwpqIWHvY4/b2XyvUOvp:QCfe9MjeBjE7swkTy67Os5jgZY3HYTa

Malware Config

Targets

    • Target

      d9388137a0f9300f73f8df37ad58c0a0_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks