General

  • Target

    f564acf6d76fe0e158dba437254d70ca_JaffaCakes118

  • Size

    688KB

  • Sample

    241215-x3kcaawjcp

  • MD5

    f564acf6d76fe0e158dba437254d70ca

  • SHA1

    5c5cdc21d9dd8876aea1502c159ee809cbf4b395

  • SHA256

    3b8a3c8e5e6a983591f0b6f83969f99a819f00464fcda17db4df452337383f50

  • SHA512

    06aef0a980f54058393aac79d12000ec4fc54069f8d531ead159f044f2daa8d55419d67b2d5a7bc825468382958859c574d6fda71caa3422af36c0f63ff3f017

  • SSDEEP

    12288:8/7Yj56Cfgd9fOBBBJwnLRvkS2nlZdSEIG3+P3TTgXaaJxDhDpLxxmZWfNFvGs:t56CI3f26LQmP3KB3DraZEvGs

Malware Config

Targets

    • Target

      f564acf6d76fe0e158dba437254d70ca_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks