Overview

overview

10

Static

static

3

JaffaCakes...d8.exe

windows7-x64

10

JaffaCakes...d8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6cae0061a202f9a84975872c387eded8

  • Size

    724KB

  • Sample

    250103-pva5mstqb1

  • MD5

    6cae0061a202f9a84975872c387eded8

  • SHA1

    3282ef9ae0c219e7a9edc992d68f3be1077ad826

  • SHA256

    7736e50e548acb5f83a16782393ddd17489c55162d4b81aa8c9c5d2356e04574

  • SHA512

    b8a7ff5fa90718d5650eaba6da7b58ba1beba112814658ae93a8eac89eb0f048be60d71cc6ab8d1011be71c5d1ac01a60d68711f6bb01b1961fb879de275825e

  • SSDEEP

    12288:oZCQ3Fdf7REeahTfqWfr39INldD2uQxc4n4eWRBhtJ6kIJnkEzJLmYJYSc:oZCQ3/7qnJSE3iXzAccWTnJ9ynkEzJqg

Score
10/10
darkcometdiscoverypersistencerattrojan

Malware Config

Targets

    • Target

      JaffaCakes118_6cae0061a202f9a84975872c387eded8

    • Size

      724KB

    • MD5

      6cae0061a202f9a84975872c387eded8

    • SHA1

      3282ef9ae0c219e7a9edc992d68f3be1077ad826

    • SHA256

      7736e50e548acb5f83a16782393ddd17489c55162d4b81aa8c9c5d2356e04574

    • SHA512

      b8a7ff5fa90718d5650eaba6da7b58ba1beba112814658ae93a8eac89eb0f048be60d71cc6ab8d1011be71c5d1ac01a60d68711f6bb01b1961fb879de275825e

    • SSDEEP

      12288:oZCQ3Fdf7REeahTfqWfr39INldD2uQxc4n4eWRBhtJ6kIJnkEzJLmYJYSc:oZCQ3/7qnJSE3iXzAccWTnJ9ynkEzJqg

    Score
    10/10
    darkcometdiscoverypersistencerattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Darkcomet family

      darkcomet

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks