General
-
Target
JaffaCakes118_90cabd069ac73bd0ab7256314b807761
-
Size
713KB
-
Sample
250329-wxaefszly6
-
MD5
90cabd069ac73bd0ab7256314b807761
-
SHA1
6250c9b3134583fdc19582394c28d44df12ee8e9
-
SHA256
230cb38176f0d0938afeb4e92aeb7460f7b0152cbd281e03f5dec00b7fbb9437
-
SHA512
2f65bb9fab0762871388eeccab5cf37909a5e51e642850ad39b158c2ba9487f41699e56d3282a3e4cbd31c19b1a680a58dab8ee9c3113c345ba203547ca01d15
-
SSDEEP
12288:iaAchpWsuVTv7ItY8XljyypHP7cOLBev03hlULsmWZ++09ZcKDVsgdeU:zAEENIq8XwyVPQclDq/+WnpsSeU
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-L2YCCUG
-
gencode
kz6GhYV0TsbF
-
install
false
-
offline_keylogger
false
-
persistence
false
Targets
-
-
Target
JaffaCakes118_90cabd069ac73bd0ab7256314b807761
-
Size
713KB
-
MD5
90cabd069ac73bd0ab7256314b807761
-
SHA1
6250c9b3134583fdc19582394c28d44df12ee8e9
-
SHA256
230cb38176f0d0938afeb4e92aeb7460f7b0152cbd281e03f5dec00b7fbb9437
-
SHA512
2f65bb9fab0762871388eeccab5cf37909a5e51e642850ad39b158c2ba9487f41699e56d3282a3e4cbd31c19b1a680a58dab8ee9c3113c345ba203547ca01d15
-
SSDEEP
12288:iaAchpWsuVTv7ItY8XljyypHP7cOLBev03hlULsmWZ++09ZcKDVsgdeU:zAEENIq8XwyVPQclDq/+WnpsSeU
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Darkcomet family
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-