Extracted

• • Target

    JaffaCakes118_2282f70008cb87c4c152c15ed231c215

  • Size

    840KB

  • MD5

    2282f70008cb87c4c152c15ed231c215

  • SHA1

    0e07c98befb22a91490902176a4c1732a8e8687d

  • SHA256

    5fdfd3a2580db252eceb76bcac4ace3da443d90948517082e71221e3717ac56d

  • SHA512

    ba7a27eb39383dcc74d4dfa5938efc79892cac704ec94d71a7cf36b3f99f9bb654393777e3035d4d0be18e7d51afb561a803e6e2908218fdb124864280eac7f8

  • SSDEEP

    24576:I3jpXatGJ1xvwN8Dv6rRRk14XFFZ86cvYA0Lo:I3jiGTZmoyrR+wr8l8

  Score

  10^/10

  discoverydarkcometguest16rattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2