General

  • Target

    e07a0bdd26f2313ba650811cbff869f8_JaffaCakes118

  • Size

    232KB

  • Sample

    241211-jgan3axrdr

  • MD5

    e07a0bdd26f2313ba650811cbff869f8

  • SHA1

    b592b6c8d1fcc9fe489e3c956c4149c83afab1cb

  • SHA256

    1e6087cdd864363596947ca0829553f790a1ccf7224e6c8ac95c57266e2cb36e

  • SHA512

    3d3e003bd92817f228f239fec078ec1bb445602b2e1f10103ad2d1d0bdbbbef6c88f45f34e83cb2e258eb0f89d8febeb29a2e70ac665684da9cac7fc08d0d430

  • SSDEEP

    6144:D4CFfifD2gVKVTQQ249HZ52KTh9XKOCgLJacj5/AZtRs:DXgr8VMQDT52WXKq9fj5/AZj

Targets

    • Target

      e07a0bdd26f2313ba650811cbff869f8_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
