General

  • Target

    JaffaCakes118_24fdeb173a1317ad4dff2314bf9ff0c1

  • Size

    745KB

  • Sample

    250226-lepfjsvk15

  • MD5

    24fdeb173a1317ad4dff2314bf9ff0c1

  • SHA1

    2d1b4e9d8e04d17eaeffe1b77fea1e585a99ac05

  • SHA256

    448b06dc9b8c955cc327d0d16b384541650add31115fcad99d7788533b3061f3

  • SHA512

    d30367c7fa42929d8013cc13068d0e003ded4a61a66254b225c238840a69b429cdb8db99c851ee77131056c324270f0796ed69e4a60dbb84c8913e8793d9db29

  • SSDEEP

    12288:O6A84PaHhfD/tV9sj5NKR0pau9XGyu2qBVGLQyTPfhuqMd0QZh9u:zAmBpVKHu0Mu9Xo20VGLVP5uD0QZh9u

Malware Config

Extracted

Family

darkcomet

Botnet

ýuest1s

C2

�27.0.0.11

Mutex

DC_MUTEX-R1BQGM2

Attributes

  • gencode

    p2qwTCRocve*

  • install

    false

  • offline_keylogger

    false

  • persistence

    false

rc4.plain

Targets

    • Target

      JaffaCakes118_24fdeb173a1317ad4dff2314bf9ff0c1

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Darkcomet family

    • Drops file in Drivers directory

MITRE ATT&CK Enterprise v15

Tasks