Extracted

Extracted

• • Target

    JaffaCakes118_b6c0bc54b232202edef006875fa55c1a

  • Size

    330KB

  • MD5

    b6c0bc54b232202edef006875fa55c1a

  • SHA1

    b1d58e3537b12c5be5f185c03e28029bed759304

  • SHA256

    cfeeb6b0024c5b2c9ff64ac45061ebcb27799cc8a28b1e95620b65f7aed2e1d0

  • SHA512

    948b5d0cb9d8610ebddec4c4f7fc5f31e4c4e7556ba462ba0346d5b6ce5cd94505ee409cb319bd60096ea07466dc4b7b7addc7590b16bec639c0ebf3765bdd1b

  • SSDEEP

    6144:E4CFfifD2gVKVTQQ249HZ52KTh9XKOCgLJacj5/AZtRsh5LLVMdWnpQZh9h4u:EXgr8VMQDT52WXKq9fj5/AZj8DMd0QZ+

  Score

  10^/10

  darkcometguest16discoveryrattrojanupx

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2