darkcomet | df4b70d17b65cf70d80d63f0a8bf908e6d0a625166449d61649ff93b5dee3e03 | Triage

Sharing

General

Target

df4b70d17b65cf70d80d63f0a8bf908e6d0a625166449d61649ff93b5dee3e03
Size

333KB
Sample

201109-srw5rlt5hs
MD5

de58f2382c3d29a65f6c391d5ab06726
SHA1

3b783d1db12d0a0eef3071b2acb72eba1b16d98c
SHA256

df4b70d17b65cf70d80d63f0a8bf908e6d0a625166449d61649ff93b5dee3e03
SHA512

7e06e83eddbc8b6ee4c6bc9f3b30fde51ded69c40f36442d96846300491ff7547e30966bd962d6f8f101f53953327ef1b1ecc2f1f458b55362331508c20600c8

Score

10^/10

darkcomet persistence rat trojan

Malware Config

Targets

- Target
  
  df4b70d17b65cf70d80d63f0a8bf908e6d0a625166449d61649ff93b5dee3e03
- Size
  
  333KB
- MD5
  
  de58f2382c3d29a65f6c391d5ab06726
- SHA1
  
  3b783d1db12d0a0eef3071b2acb72eba1b16d98c
- SHA256
  
  df4b70d17b65cf70d80d63f0a8bf908e6d0a625166449d61649ff93b5dee3e03
- SHA512
  
  7e06e83eddbc8b6ee4c6bc9f3b30fde51ded69c40f36442d96846300491ff7547e30966bd962d6f8f101f53953327ef1b1ecc2f1f458b55362331508c20600c8
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan