General

  • Target

    a207dcc816a09d6e115c0a08015779c283906a358b66c94d531df9f6e73b1033

  • Size

    658KB

  • Sample

    200706-l7ww6c3b92

  • MD5

    b4be767713b4dd3de76564678e8e0002

  • SHA1

    6082c913e9f52cb73b479836b355d6ce704ff263

  • SHA256

    a207dcc816a09d6e115c0a08015779c283906a358b66c94d531df9f6e73b1033

  • SHA512

    a095aedf5bfa38c06d62962310c73f36ee83d6977cf2e57044735c775cedd67846d26e8bb9d9ee4e97f3fc10b3953da19ce6949a36f143bea83c1db0b8b8378a

Malware Config

Extracted

Family

darkcomet

Botnet

No Spic

C2

192.168.1.2:1604

192.168.1.2:27015

fifso977.hopto.org:27015

fifso977.hopto.org:1604

192.168.0.104:1604

Mutex

DC_MUTEX-QZQ0B57

Attributes
  • gencode

    aTaFa3u0dNjV

  • install

    false

  • offline_keylogger

    false

  • persistence

    false

Targets

    • Target

      a207dcc816a09d6e115c0a08015779c283906a358b66c94d531df9f6e73b1033

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
