General

  • Target

    10dd83b74fc60a383f669d84bf277a08_JaffaCakes118

  • Size

    892KB

  • Sample

    240626-f3p44axdre

  • MD5

    10dd83b74fc60a383f669d84bf277a08

  • SHA1

    11391c935830b496e08934fb0741843019a360a2

  • SHA256

    7d319cc32fd706ed822cb6d3f12fa8bfbb18e9fb818bb4fc4fcb4946ddab1b27

  • SHA512

    076e300c84477829ba3f1383015874f65dde90fe2026115078997df887dd5322b001c8e80d6af3ae27b2838e7979ae32da6e13a0db1caafdb33e95019896615e

  • SSDEEP

    24576:qRfthlNHUOfMw26U2XNKbE2jMCOHUeZ+D:qdd5T+

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

alain.no-ip.biz:82

Mutex

DC_MUTEX-YTJXQSF

Attributes
  • gencode

    n9N66TVsd5tb

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Suspicious use of SetThreadContext
