General

  • Target

    ddfde51272b45dff30486b9d78999ab7_JaffaCakes118

  • Size

    666KB

  • Sample

    241210-whdhka1re1

  • MD5

    ddfde51272b45dff30486b9d78999ab7

  • SHA1

    2dfc37905b291c2a148ae64eed8b59d39f622214

  • SHA256

    501e4029fe4392242a6289085abed3328036601174d83349e576bd35d7170a22

  • SHA512

    73cdd7e461bc21fdc3e6455e0ad1395c81314289712e5d1313d7117080401663de317de1e24796f7aefa6099be6a2409e7d9fd3e21b9240d9d83b947fee500c9

  • SSDEEP

    12288:Qfbh3edoSdPDze9LBApPsKNoeP313umLcUmyRC+H/jXI0D:KR8oYzS12PVaA3LLRHRC+fjX5

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Drops file in Drivers directory

    • Suspicious use of SetThreadContext
