Extracted

Extracted

• • Target

    JaffaCakes118_94ec8fdf1581f256ea078ee520e2666e

  • Size

    501KB

  • MD5

    94ec8fdf1581f256ea078ee520e2666e

  • SHA1

    61cbc6e9652f435b7a524e22726bb25aa5ad507d

  • SHA256

    1fe23f2a3cae5c252fce011484c5e25f545bb6b45b4f28fd73901ebe2bafccf8

  • SHA512

    662bfba1f73c910473a93ee24b73e631c1cb0b40774a12a8d503259a5d87d22a4b380151558215a169b241bd6aa5f9ad92b39a257181bcae82af6a4d45c025a7

  • SSDEEP

    12288:7FEuFzdodXf3wxH5fKy86zgbAL5EDWeSizzA78LH0tDsBQJ:7FPzdo1f3aH5VTga5EDoiPA4L0XJ

  Score

  10^/10

  darkcometdiscoveryrattrojan21/8persistence

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Uses the VBS compiler for execution

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2