General

  • Target

    dae6c0d23e44565fa21cce26d9eeec97_JaffaCakes118

  • Size

    664KB

  • Sample

    241209-wweyjs1nfk

  • MD5

    dae6c0d23e44565fa21cce26d9eeec97

  • SHA1

    2057a39f79134f7e2980d599a70e5b5cf488c432

  • SHA256

    0855543c96e3e4a4d9d5f40a3e8399f147239f342dea38a7056aaea04f31d1ee

  • SHA512

    53ce586979f910cbc89c9cb249b1a2e60b7886b75fd6ab3532725d6a2b9c1902a6769ef88234f3eda933c12396e9c44f916da59ce251fdf91fff7fa18a983aef

  • SSDEEP

    12288:lhbyXeP2kdAN5/LbAZzYsrm8UiugFJDys2AEennu01WdTd7G0Baw:lwPkaByEsybTgtFf1FK

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
