darkcomet | JaffaCakes118_6872b36cf853a8bb8059ddfa12d93570 | Triage

Sharing

General

Target

JaffaCakes118_6872b36cf853a8bb8059ddfa12d93570
Size

804KB
MD5

6872b36cf853a8bb8059ddfa12d93570
SHA1

9b22f8a53792b5677fdc9ded784c465732211f27
SHA256

44d190ef0a39280a4d697f539081774eed3c1fe85ec5625437a73649338b7fe4
SHA512

a4807320d883fa781a065b1dba27cca24c7b7782677d0a09fa1c894e46f8e2b6ebe67ab0a2f79690fc74ea2d5e920ba93aa4380ae37f8d1298ee9b12a831424c
SSDEEP

12288:r6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhils:OAmBpVKHu0Mu9Xo20VGLVP5

Score

10^/10

darkcomet

Malware Config

Signatures

Darkcomet family
darkcomet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6872b36cf853a8bb8059ddfa12d93570

Files

JaffaCakes118_6872b36cf853a8bb8059ddfa12d93570
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.MPRESS1
Size: 744KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE