Extracted

• • Target

    JaffaCakes118_c52d6bfcb18b48ce0976886fc1c60967

  • Size

    930KB

  • MD5

    c52d6bfcb18b48ce0976886fc1c60967

  • SHA1

    da6575713f50dae6e3ea4fac5aaf0d983c351171

  • SHA256

    6dbc41a48a41c991800d78eb2bd7231512830620880febda4a17e75c4f438a56

  • SHA512

    dc764e1d42bf9a74b5ac14be8ba01c1dfcf013456b2d403bf0e3616a440a5f124fde0909f207eeb02de3ebdad5e65425fb7f86ac204c6e3090ceb8973a19e0e0

  • SSDEEP

    24576:KZ1xuVVjfFoynPaVBUR8f+kN10EBxYAGrW:aQDgok30bAz

  Score

  10^/10

  darkcometguest16discoveryrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2