General

  • Target

    e0f71d9abbcadeb2065af8d79f63158d_JaffaCakes118

  • Size

    801KB

  • Sample

    241211-l64pjssncm

  • MD5

    e0f71d9abbcadeb2065af8d79f63158d

  • SHA1

    6c3292101a1f61aeabec976568125c4576b5aa34

  • SHA256

    c4f10c9a923c51ddc1c0ad74d475cff3644c63b3dcbe7c5085e1bae92ca35d64

  • SHA512

    e242730adcd8223859f2c201587a891ce77ca2fd1d7a881f9a316a80c6c6f7d353f041baa00440ac669d9ab9562cd172e7542d571f4e9e77e420de5b8e5e69d2

  • SSDEEP

    24576:jC6cMKJtD+uRtixqngLZZSD7XTpAi79xla6Sph:jCjMCD+wQt0dAiBa6ih

Malware Config

Targets

    • Target

      e0f71d9abbcadeb2065af8d79f63158d_JaffaCakes118

    • Size

      801KB

    • MD5

      e0f71d9abbcadeb2065af8d79f63158d

    • SHA1

      6c3292101a1f61aeabec976568125c4576b5aa34

    • SHA256

      c4f10c9a923c51ddc1c0ad74d475cff3644c63b3dcbe7c5085e1bae92ca35d64

    • SHA512

      e242730adcd8223859f2c201587a891ce77ca2fd1d7a881f9a316a80c6c6f7d353f041baa00440ac669d9ab9562cd172e7542d571f4e9e77e420de5b8e5e69d2

    • SSDEEP

      24576:jC6cMKJtD+uRtixqngLZZSD7XTpAi79xla6Sph:jCjMCD+wQt0dAiBa6ih

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks