Extracted

• • Target

    JaffaCakes118_98e5f335a2c2bbfe4a93c31b368657a1

  • Size

    1.7MB

  • MD5

    98e5f335a2c2bbfe4a93c31b368657a1

  • SHA1

    8ce3ba02818bd085cf3ebf257352adf1d9572f34

  • SHA256

    a6fde14766765f1017d43c3656378c61afe03afbb5f642dd25d563bf871b3a72

  • SHA512

    77ea8eadf4d873ad28e853dabe37cebf87872ca7da2ddc2d2cb2677b3e11c372f9c649b2ff0a003e9106d245f5850336ee988ab463024138b5f98b6e28f4f2b3

  • SSDEEP

    24576:DF8Dcs6W9lhchAdOfVmrdDuOr1Hna8gZXC9dAcAQJGM2OfNFnFo6GwwMsJNZe5VV:ZsPg9mr1fRHAC882OFTo6lXLaE

  Score

  10^/10

  darkcometguest1defense_evasiondiscoveryrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Darkcomet family

    darkcomet

  • Windows security bypass

    defense_evasiontrojan

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Executes dropped EXE

  • Windows security modification

    defense_evasiontrojan
  behavioral1behavioral2