General

  • Target

    e93beeaa7d93a73ae75b3f3d389ba7a4_JaffaCakes118

  • Size

    756KB

  • Sample

    241213-bw3pdstrav

  • MD5

    e93beeaa7d93a73ae75b3f3d389ba7a4

  • SHA1

    0aa4715d4295ac678ea29c22b53a9b08e96b16e9

  • SHA256

    8e1fe945b96440cdddb41f8668e380bd4539a7ef66f3d4b473e69c6073f82b27

  • SHA512

    30ca8b8dbd41eda79acf18173313927f07e2aa150692c03c0a03d3d56d5242af343db4690917b6d43104caed97d5cb44b0190bafe321536ccb3c24411ef07948

  • SSDEEP

    12288:n9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKca2aRTiua:9AQ6Zx9cxTmOrucTIEFSpOGl

Malware Config

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks