Extracted

• • Target

    JaffaCakes118_895cc284825810712eb7a85b28533cca

  • Size

    392KB

  • MD5

    895cc284825810712eb7a85b28533cca

  • SHA1

    48e818ba3f6002a4f1ef086b561df40dea4f2b78

  • SHA256

    0d162cd950a2dd847ba0def915e1b77e71fcb42ee7ccfc1c442d8c9c59856c86

  • SHA512

    c20050ac01816304b3efede26b63af5087608755275cad06becbd2ff26330bccafe95678f8ad9dfcec268482ad5ff33f55a4294fae44898d0f867387eb40135d

  • SSDEEP

    12288:7dxeU2Gq3B1OArDJOTC2qaKG46r47LUL3LvBeFt:7G3B1Hr8TKaB4k47LUnvBA

  Score

  10^/10

  darkcometguest16defense_evasiondiscoveryrattrojanupx

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Windows security bypass

    defense_evasiontrojan

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Windows security modification

    defense_evasiontrojan

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2