Extracted

• • Target

    JaffaCakes118_4abb6228914412ba5419e52648d87dff

  • Size

    299KB

  • MD5

    4abb6228914412ba5419e52648d87dff

  • SHA1

    772958af9eee4d47fa0126dc69e1d82fd58d8883

  • SHA256

    6485234387d442da150cd85c15fa5e7fb359763a9cbd8411ab8664452fcec50e

  • SHA512

    850e02dba65fa88c2cea283351b0e5f12634b06087cbc867b8201ec7049059d4314caecca9e95a16bc35c20b6b9a1d2a98da7703b5c94593538bbddde6aae92f

  • SSDEEP

    6144:utzNt8H0kBkLpledCDSFoSUhkp4Viu6FvRbUYvKcCIz9r:uy04MeYD6oSUhkp4iFVUsKcB9r

  Score

  10^/10

  darkcometguest16discoveryrattrojanupx

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2