General
Target: JaffaCakes118_b6e5215ec551821cab64e07f7c735a02
Size: 272KB
Sample: 250414-hd31rssvcx
MD5: b6e5215ec551821cab64e07f7c735a02
SHA1: f2f128709f4098f8074a54d7a9ffea9421b1dda1
SHA256: 904de454c89e34764e5b9a0389627446b1fd8b00be464abcc798badd8a7b1a44
SHA512: 5dc7133a54b2dd6f6a48ccf8e5fa8bc6f700d48825a19db25919276ca9e02a1464a050fd0888a028f303f76bf5762e81a150c954c78775743f4a052110d0fb6b
SSDEEP: 6144:c8z/mxyyh41ilviJwI+DZuGYrFd7HIuAFFfvaw0IF0:62MIw/QGQxHIuALfvaw0IK
Malware Config
Extracted
darkcomet
Guest16
127.0.0.1:1604
DC_MUTEX-F54S21D
gencode: 9FS7vWAib+w�
install: false
offline_keylogger: false
persistence: false
Targets
Target: JaffaCakes118_b6e5215ec551821cab64e07f7c735a02
Darkcomet family
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.