Overview

overview

10

Static

static

10

fc5cd0ec4a...18.exe

windows7-x64

10

fc5cd0ec4a...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc5cd0ec4a96dd9f03171d021c9e7681_JaffaCakes118

  • Size

    992KB

  • Sample

    241218-vds7savqgs

  • MD5

    fc5cd0ec4a96dd9f03171d021c9e7681

  • SHA1

    53813e18be5ecf4542792193f81587871fa2637e

  • SHA256

    a1a8c265e3f6a0c64676ece658cc7c11f5aaa7bfc3b59268c6b931db9b2d9631

  • SHA512

    63f9356b4c3599f47b141a42a7bd126b83c6c77eab75044c11f5a0d3c830979b7923a90d8c67b68bdd6ccc639efea0cac04037fa225ff3317e6dcb730aa9e468

  • SSDEEP

    24576:AAEE3uBDhynCylQgi63O9+VcN7Uw0QZh9u:AAE3JX63OMcq

Score
10/10
darkcometdiscoveryrattrojan

Malware Config

Targets

    • Target

      fc5cd0ec4a96dd9f03171d021c9e7681_JaffaCakes118

    • Size

      992KB

    • MD5

      fc5cd0ec4a96dd9f03171d021c9e7681

    • SHA1

      53813e18be5ecf4542792193f81587871fa2637e

    • SHA256

      a1a8c265e3f6a0c64676ece658cc7c11f5aaa7bfc3b59268c6b931db9b2d9631

    • SHA512

      63f9356b4c3599f47b141a42a7bd126b83c6c77eab75044c11f5a0d3c830979b7923a90d8c67b68bdd6ccc639efea0cac04037fa225ff3317e6dcb730aa9e468

    • SSDEEP

      24576:AAEE3uBDhynCylQgi63O9+VcN7Uw0QZh9u:AAE3JX63OMcq

    Score
    10/10
    darkcometdiscoveryrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Darkcomet family

      darkcomet

    • Drops file in Drivers directory

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks