General

  • Target

    da5d54b7bd133becef420cbced1fff24_JaffaCakes118

  • Size

    697KB

  • Sample

    241209-s7whwsspct

  • MD5

    da5d54b7bd133becef420cbced1fff24

  • SHA1

    644f22eef59bd69f205b458255bd56fbf2014d69

  • SHA256

    9c599fb8110d7a26e6b10549861eb06b66850f9e528204bcae7338d39a811219

  • SHA512

    90fc8a6ec6d457691f148b635c8ea4f3e85ef64d9d3c2240c14a4288bec2f928404f0522428893783d4cfded5f35f0ba780a4109fd7fb6add340aaf570746b59

  • SSDEEP

    12288:f9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnK:lAQ6Zx9cxTmOrucTIEFSpOG

Targets

    • Target

      da5d54b7bd133becef420cbced1fff24_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.
