Overview

overview

10

Static

static

3

JaffaCakes...d0.exe

windows7-x64

10

JaffaCakes...d0.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_22abd5dabcd8f989bd23fbe3f871c6d0

  • Size

    3.5MB

  • Sample

    250225-t31sgswpx4

  • MD5

    22abd5dabcd8f989bd23fbe3f871c6d0

  • SHA1

    7c66a91d25fdc2931ceb67fcbf0adf885ecf1503

  • SHA256

    98561dd947acdb91048af2b5586b3367263c796d0404174aeadd22e7a44eb9bd

  • SHA512

    46b6e5e7fb75bc96b4db21c5c13dad774d1f14161b888b06a0a547d311903e73a6228fee30401d10240202d8f3be663261b4f4638fe981af24352f549fa24b4d

  • SSDEEP

    98304:cJFY26lNgGFJE/DgIC7cWadKsK0S/b03jWx2Ql:cJFY2CtJKDgIpWiXS/0jWx2

Score
10/10
darkcometrattrojan

Malware Config

Extracted

Family

darkcomet

Attributes
  • gencode

  • install

    false

  • offline_keylogger

    false

  • persistence

    false

rc4.plain

Targets

    • Target

      JaffaCakes118_22abd5dabcd8f989bd23fbe3f871c6d0

    • Size

      3.5MB

    • MD5

      22abd5dabcd8f989bd23fbe3f871c6d0

    • SHA1

      7c66a91d25fdc2931ceb67fcbf0adf885ecf1503

    • SHA256

      98561dd947acdb91048af2b5586b3367263c796d0404174aeadd22e7a44eb9bd

    • SHA512

      46b6e5e7fb75bc96b4db21c5c13dad774d1f14161b888b06a0a547d311903e73a6228fee30401d10240202d8f3be663261b4f4638fe981af24352f549fa24b4d

    • SSDEEP

      98304:cJFY26lNgGFJE/DgIC7cWadKsK0S/b03jWx2Ql:cJFY2CtJKDgIpWiXS/0jWx2

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Darkcomet family

      darkcomet

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks