darkcomet | fee0b02e4e0358d8025fa74d2780dd557c2de871e03a82b3dd7aadaf451ea1a3 | Triage

Sharing

General

Target

fee0b02e4e0358d8025fa74d2780dd557c2de871e03a82b3dd7aadaf451ea1a3
Size

252KB
Sample

200624-rzrzf9b88e
MD5

713b3ec26323a5156e0c484b32498c7a
SHA1

6df0df8a8f05baf524014d47f7e273d408fcfa16
SHA256

fee0b02e4e0358d8025fa74d2780dd557c2de871e03a82b3dd7aadaf451ea1a3
SHA512

bc76f98af44b8693f20fb5d7e1902fa2214668048c45b013f2b14d71316650f942ab323dfd6cf30e48ce840e94ec2decbe6d49d7bafbfe6d93879168f7b73a0f

Score

10^/10

darkcomet persistence rat trojan upx

Malware Config

Targets

- Target
  
  fee0b02e4e0358d8025fa74d2780dd557c2de871e03a82b3dd7aadaf451ea1a3
- Size
  
  252KB
- MD5
  
  713b3ec26323a5156e0c484b32498c7a
- SHA1
  
  6df0df8a8f05baf524014d47f7e273d408fcfa16
- SHA256
  
  fee0b02e4e0358d8025fa74d2780dd557c2de871e03a82b3dd7aadaf451ea1a3
- SHA512
  
  bc76f98af44b8693f20fb5d7e1902fa2214668048c45b013f2b14d71316650f942ab323dfd6cf30e48ce840e94ec2decbe6d49d7bafbfe6d93879168f7b73a0f
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan