General
-
Target
1d7c6be9fa4ae8b1fc38353f9128defb_JaffaCakes118
-
Size
1.1MB
-
Sample
240702-z7ptnsthmj
-
MD5
1d7c6be9fa4ae8b1fc38353f9128defb
-
SHA1
baa78b59546fe20690306b2b51d0a8706b819bb0
-
SHA256
45ab1979854a77e9dd0aee9c1c70816b78d39c2bf08bcbcec00eece2648df531
-
SHA512
fd50008d3a80dd12a72d93e8b26f2f65be1f98abce4302e9e18c7499b572047299defb1bb54ef756a8298b5c062276f6fbc5575952d0679e4a34abae350e8e29
-
SSDEEP
24576:fyBgFB2EoTKXtnOwd9LaJIBwhXEtiUwnBrh7512KZ1X:qBgRoTWnOwHzTwbV1f1X
Malware Config
Targets
-
-
Target
1d7c6be9fa4ae8b1fc38353f9128defb_JaffaCakes118
-
Size
1.1MB
-
MD5
1d7c6be9fa4ae8b1fc38353f9128defb
-
SHA1
baa78b59546fe20690306b2b51d0a8706b819bb0
-
SHA256
45ab1979854a77e9dd0aee9c1c70816b78d39c2bf08bcbcec00eece2648df531
-
SHA512
fd50008d3a80dd12a72d93e8b26f2f65be1f98abce4302e9e18c7499b572047299defb1bb54ef756a8298b5c062276f6fbc5575952d0679e4a34abae350e8e29
-
SSDEEP
24576:fyBgFB2EoTKXtnOwd9LaJIBwhXEtiUwnBrh7512KZ1X:qBgRoTWnOwHzTwbV1f1X
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-