Overview

overview

10

Static

static

3

1a5e5da547...18.exe

windows7-x64

10

1a5e5da547...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a5e5da547bc663758935c6645f14bce_JaffaCakes118

  • Size

    785KB

  • Sample

    240628-q6sdqssgqg

  • MD5

    1a5e5da547bc663758935c6645f14bce

  • SHA1

    ee3e2961565336ef8636a772dfe3ad58ff34ceff

  • SHA256

    ac6c4b93f07e35bd7520b13a957f0284510a778bb10f03b2a7d9909201131ec9

  • SHA512

    67a00f8cf11f95b5c80ee9249a3cad7feead7ec1372c14a6a5661d9bf2a7523d816c8a72032bb4aad79efc1acbf3b5a8d15f31a760bddcaf8ad0c66d3f7b3fe0

  • SSDEEP

    12288:4l1S8FkVsuuQKFEG2wSywBNNYBO4V1uaiK/lGRgOUqmq9kR6lhKX4aVTp6CxSE5b:+kC53EGiSQ/K/cRgOnmq9g6v6pfh5b

Score
10/10
darkcometrattrojan

Malware Config

Targets

    • Target

      1a5e5da547bc663758935c6645f14bce_JaffaCakes118

    • Size

      785KB

    • MD5

      1a5e5da547bc663758935c6645f14bce

    • SHA1

      ee3e2961565336ef8636a772dfe3ad58ff34ceff

    • SHA256

      ac6c4b93f07e35bd7520b13a957f0284510a778bb10f03b2a7d9909201131ec9

    • SHA512

      67a00f8cf11f95b5c80ee9249a3cad7feead7ec1372c14a6a5661d9bf2a7523d816c8a72032bb4aad79efc1acbf3b5a8d15f31a760bddcaf8ad0c66d3f7b3fe0

    • SSDEEP

      12288:4l1S8FkVsuuQKFEG2wSywBNNYBO4V1uaiK/lGRgOUqmq9kR6lhKX4aVTp6CxSE5b:+kC53EGiSQ/K/cRgOnmq9g6v6pfh5b

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks