darkcomet | 8cd7d6ad6c2ef4704a7b4e090c31e43fb32ed02ca81007c190dbb4938c9e526d | Triage

Sharing

General

Target

73f6740e7be932c1cc001494c900a43a
Size

251KB
Sample

201025-a43az4x65j
MD5

73f6740e7be932c1cc001494c900a43a
SHA1

6d1593b508f4631b63215a7660f423bb3b8506f3
SHA256

8cd7d6ad6c2ef4704a7b4e090c31e43fb32ed02ca81007c190dbb4938c9e526d
SHA512

d3e954a10d08931fb56ef1b54619221edd68b81674f8ed1f00c536e39655b6254d2367ea03287637dd7d701c35773f208faa387f04114fa47fd6a315a45d9872

Score

10^/10

darkcomet persistence rat trojan upx

Malware Config

Targets

- Target
  
  73f6740e7be932c1cc001494c900a43a
- Size
  
  251KB
- MD5
  
  73f6740e7be932c1cc001494c900a43a
- SHA1
  
  6d1593b508f4631b63215a7660f423bb3b8506f3
- SHA256
  
  8cd7d6ad6c2ef4704a7b4e090c31e43fb32ed02ca81007c190dbb4938c9e526d
- SHA512
  
  d3e954a10d08931fb56ef1b54619221edd68b81674f8ed1f00c536e39655b6254d2367ea03287637dd7d701c35773f208faa387f04114fa47fd6a315a45d9872
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan