darkcomet | bbc8f1873aefb2518b9675fdda8446a2ba7dc159bab9bfd08b40e19b654ea8bb | Triage

Submit
Reports

Overview

overview

Static

static

74556POZ_pdf.exe

windows7_x64

74556POZ_pdf.exe

windows10_x64

Sharing

General

Target

74556POZ_pdf.exe
Size

749KB
Sample

200815-3lwphsfm1j
MD5

8c783ee344384ce8f3282675e961c3c0
SHA1

eb699861cb2ec0fdc2fb736c6f4eba93133f2100
SHA256

bbc8f1873aefb2518b9675fdda8446a2ba7dc159bab9bfd08b40e19b654ea8bb
SHA512

ed6ab8e3d8cc3a6cbbadd944d59f8112d9bb4fba2c73d9d476be4e2a9ab929e4836626e113efb72d184b275ea5c8653494fe6e8834571f0bd89f24b83d913aec

Score

10^/10

darkcomet good news rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

74556POZ_pdf.exe

Resource

win7v200722

darkcomet good news rat trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

74556POZ_pdf.exe

Resource

win10v200722

darkcomet good news rat trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Good News

C2

boki.zapto.org:1905

Mutex

DCMIN_MUTEX-ZAT3FJZ

Attributes

gencode
BrxJcaQU7jzd
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  74556POZ_pdf.exe
- Size
  
  749KB
- MD5
  
  8c783ee344384ce8f3282675e961c3c0
- SHA1
  
  eb699861cb2ec0fdc2fb736c6f4eba93133f2100
- SHA256
  
  bbc8f1873aefb2518b9675fdda8446a2ba7dc159bab9bfd08b40e19b654ea8bb
- SHA512
  
  ed6ab8e3d8cc3a6cbbadd944d59f8112d9bb4fba2c73d9d476be4e2a9ab929e4836626e113efb72d184b275ea5c8653494fe6e8834571f0bd89f24b83d913aec
Score

10^/10

darkcomet good news rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometgood newsrattrojanupx

behavioral2

darkcometgood newsrattrojanupx

© 2018-2024

Terms | Privacy