Extracted

• • Target

    ebd9f744b09f44ce96c271194b2016fb_JaffaCakes118

  • Size

    660KB

  • MD5

    ebd9f744b09f44ce96c271194b2016fb

  • SHA1

    6fdee0ba43264dd481fc121a30cc346d70ebb27a

  • SHA256

    c64ffe6388ad14cd956917f3ce952f11aec3dfd14ad2beb6bf5bd356d9880f52

  • SHA512

    5f2632e468170822254b3b91d2ad5e14c3a53012efbe9883b00abd3d7c6fe4deee6e30b1622ca51e22e9ac25c3608f92eaa586316f38f040fd7a79a0f4589b53

  • SSDEEP

    12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452US:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Ji

  Score

  10^/10

  darkcometguest16discoveryevasionrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Sets file to hidden

    Modifies file attributes to stop it showing in Explorer etc.

    evasion

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2