darkcomet | 46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8 | Triage

Submit
Reports

Overview

overview

Static

static

46f959802b...b8.exe

windows7_x64

8

46f959802b...b8.exe

windows10_x64

Sharing

General

Target

46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8
Size

1.5MB
Sample

200629-992fbxg84e
MD5

14215b81e638891bb1cce7ea2d2d21ec
SHA1

f4b38f56af2c721af77c8840d11cce7d76b8973d
SHA256

46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8
SHA512

9b6b6479dac63396bbdcb611fda51c6bf555de07db67486d72e4a6056e7ab218cdee2d639b12f5e518cc5b7145d3253e8eb7c15be91a6eb304b8678e1e306671

Score

10^/10

darkcomet persistence rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8.exe

Resource

win10

darkcomet persistence rat trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8
- Size
  
  1.5MB
- MD5
  
  14215b81e638891bb1cce7ea2d2d21ec
- SHA1
  
  f4b38f56af2c721af77c8840d11cce7d76b8973d
- SHA256
  
  46f959802bfe4cd6cca8b2ca060c011574398c18786d51e396a3d548212c1eb8
- SHA512
  
  9b6b6479dac63396bbdcb611fda51c6bf555de07db67486d72e4a6056e7ab218cdee2d639b12f5e518cc5b7145d3253e8eb7c15be91a6eb304b8678e1e306671
Score

10^/10

upx darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

darkcometpersistencerattrojanupx

© 2018-2024

Terms | Privacy