General
-
Target
14f834063c40133fdefcdbd19a7812c8_JaffaCakes118
-
Size
758KB
-
Sample
240627-g33wmayfkl
-
MD5
14f834063c40133fdefcdbd19a7812c8
-
SHA1
1160b1bf5c5ad7da930e61cb551567d46c776978
-
SHA256
ca49d40f50afa04de7070c16f4c85a92eeed5e5dcbb03b59d0c416f2b5fa2d92
-
SHA512
883565109505dc171247f8dcfd1d98b9043308055e8bd1be3c2efee8dee90fdd32a85be476259f29047ac8bf9f0334bfef96c79cd7b10a40c010ebfbbe99bcf1
-
SSDEEP
12288:yzSF3nFo/1NATB7Ilv18BqIWioYcpVVpEeiO0kDjy6eindvQr:zpnqfATtIEiCGpxioS2Qr
Malware Config
Targets
-
-
Target
14f834063c40133fdefcdbd19a7812c8_JaffaCakes118
-
Size
758KB
-
MD5
14f834063c40133fdefcdbd19a7812c8
-
SHA1
1160b1bf5c5ad7da930e61cb551567d46c776978
-
SHA256
ca49d40f50afa04de7070c16f4c85a92eeed5e5dcbb03b59d0c416f2b5fa2d92
-
SHA512
883565109505dc171247f8dcfd1d98b9043308055e8bd1be3c2efee8dee90fdd32a85be476259f29047ac8bf9f0334bfef96c79cd7b10a40c010ebfbbe99bcf1
-
SSDEEP
12288:yzSF3nFo/1NATB7Ilv18BqIWioYcpVVpEeiO0kDjy6eindvQr:zpnqfATtIEiCGpxioS2Qr
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-