Overview

overview

10

Static

static

10

03a22b6d07...18.exe

windows7-x64

10

03a22b6d07...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03a22b6d07df2bd19c344f7faa67f23b_JaffaCakes118

  • Size

    760KB

  • Sample

    240622-x8bmbs1fka

  • MD5

    03a22b6d07df2bd19c344f7faa67f23b

  • SHA1

    27c22892f487f743ac3c7d350c55c500d0d81442

  • SHA256

    690caca649044f52e130da39f07ec889c2bc242cf66de80208d26eb35644202d

  • SHA512

    8995472e47610c8de7e39f75f9aa3428b644a5b781e207ac29960ff5bcc6c1ebb0c06261d10a77b2b5f270f3f54d9a7a28c2e41f7fcf020dc4f2d22f7eaaadc0

  • SSDEEP

    12288:w3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RT:GOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbd

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-HZNJMJ4

Attributes
  • gencode

    K60kJKxnEGdo

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      03a22b6d07df2bd19c344f7faa67f23b_JaffaCakes118

    • Size

      760KB

    • MD5

      03a22b6d07df2bd19c344f7faa67f23b

    • SHA1

      27c22892f487f743ac3c7d350c55c500d0d81442

    • SHA256

      690caca649044f52e130da39f07ec889c2bc242cf66de80208d26eb35644202d

    • SHA512

      8995472e47610c8de7e39f75f9aa3428b644a5b781e207ac29960ff5bcc6c1ebb0c06261d10a77b2b5f270f3f54d9a7a28c2e41f7fcf020dc4f2d22f7eaaadc0

    • SSDEEP

      12288:w3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RT:GOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbd

    Score
    10/10
    darkcometguest16rattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Tasks