Extracted

• • Target

    JaffaCakes118_905cbff879cf2bd68f886a5799a56edf

  • Size

    1.4MB

  • MD5

    905cbff879cf2bd68f886a5799a56edf

  • SHA1

    0c445811f97bdd48c8cf542637fd79b97dd1fd16

  • SHA256

    36d2e2ce756c8d71ea42a31d78ee3d706e713e2adc9b71334ffce725e7109d50

  • SHA512

    2854576568d2f15ee7e0ddbb66beb9a60bc987abf6d3267af7692afa3105ab739a1451fb0a61321bd1a02a30aff581ba19ac480f847e0d25aa239a8d1d4b7814

  • SSDEEP

    24576:2xaVauEH/0rY8SeVU1/+Or2StBAF1Q+l25YKjYP91UZ4GoN7ilv/3cGN9Oaqg+L:2cYMrJVVaQiMF1U6GoN7mv0zfL

  Score

  10^/10

  darkcometguest16defense_evasiondiscoveryrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Identifies Wine through registry keys

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    defense_evasion

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2