Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

JaffaCakes...f0.exe

windows7-x64

10

JaffaCakes...f0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_81e01623ccb397a4230960ea83be74f0

  • Size

    711KB

  • Sample

    250320-h6nrjsw1cw

  • MD5

    81e01623ccb397a4230960ea83be74f0

  • SHA1

    021692e0ac6d98cd638b0318e6ead1817886e4af

  • SHA256

    88b6d338c30016f04359cd7d8574ccf3886ccc1860ff5e8e2139bf347fcf867f

  • SHA512

    7ce9fb55150d08146a5740b5a23126d7c275850105f141276895889233dd902ad30601076061d2464f7a7e4c78ee048902840b1af707ca6c951ae55bcaca6662

  • SSDEEP

    12288:WnKPbhC4DjIQsQK5US39mRUpdXmDMgig7d7Y/wC1Rjc8pslGVKc9:WnKPbhRPql5U69qCdXm9hd7YoaFXsS9

Score
10/10
darkcometdiscoveryrattrojan

Malware Config

Extracted

Family

darkcomet

Attributes
  • gencode

  • install

    false

  • offline_keylogger

    false

  • persistence

    false

rc4.plain

Targets

    • Target

      JaffaCakes118_81e01623ccb397a4230960ea83be74f0

    • Size

      711KB

    • MD5

      81e01623ccb397a4230960ea83be74f0

    • SHA1

      021692e0ac6d98cd638b0318e6ead1817886e4af

    • SHA256

      88b6d338c30016f04359cd7d8574ccf3886ccc1860ff5e8e2139bf347fcf867f

    • SHA512

      7ce9fb55150d08146a5740b5a23126d7c275850105f141276895889233dd902ad30601076061d2464f7a7e4c78ee048902840b1af707ca6c951ae55bcaca6662

    • SSDEEP

      12288:WnKPbhC4DjIQsQK5US39mRUpdXmDMgig7d7Y/wC1Rjc8pslGVKc9:WnKPbhRPql5U69qCdXm9hd7YoaFXsS9

    Score
    10/10
    darkcometdiscoveryrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Darkcomet family

      darkcomet

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks