darkcomet | 7a1ca101230d4fa5aea914f6a5ac79b7fe3ccb327a616dfd3bb373579a023705 | Triage

Sharing

General

Target

7a1ca101230d4fa5aea914f6a5ac79b7fe3ccb327a616dfd3bb373579a023705
Size

318KB
Sample

201109-bxjltj856x
MD5

c43368f068d979fcbbd9743b0bf4a437
SHA1

e2fb960a64aae3ee04a6f1afea112b200b278ba5
SHA256

7a1ca101230d4fa5aea914f6a5ac79b7fe3ccb327a616dfd3bb373579a023705
SHA512

05d04ec65a4bd9eec461ac77be10e0fe222b182cfe3711f9472e03ced12ca3f046a1db8dce28dd1678c52230d0f57a1390612e10736f1ec0c5ba9ac270d00ce6

Score

10^/10

darkcomet persistence rat trojan upx

Malware Config

Targets

- Target
  
  7a1ca101230d4fa5aea914f6a5ac79b7fe3ccb327a616dfd3bb373579a023705
- Size
  
  318KB
- MD5
  
  c43368f068d979fcbbd9743b0bf4a437
- SHA1
  
  e2fb960a64aae3ee04a6f1afea112b200b278ba5
- SHA256
  
  7a1ca101230d4fa5aea914f6a5ac79b7fe3ccb327a616dfd3bb373579a023705
- SHA512
  
  05d04ec65a4bd9eec461ac77be10e0fe222b182cfe3711f9472e03ced12ca3f046a1db8dce28dd1678c52230d0f57a1390612e10736f1ec0c5ba9ac270d00ce6
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan