darkcomet | 3a559b5d15021a1e6784979661dc33303aee9e310c5bdfbb36fbae1711641f98 | Triage

Sharing

General

Target

3a559b5d15021a1e6784979661dc33303aee9e310c5bdfbb36fbae1711641f98
Size

333KB
Sample

201113-hvesjlsw42
MD5

84cc9af6101f3cbf7fbad42c76ed5c57
SHA1

c531ee465a90a361bf50106314b18917cc228d30
SHA256

3a559b5d15021a1e6784979661dc33303aee9e310c5bdfbb36fbae1711641f98
SHA512

a62ed7973cffc253084f18b6cb23de2164e13cb5c1ddc2d6c90d97ba0aee1eae5a494717502cf7c36ebdbecad0296f223aa3ffbd2cb6949dce6161c86561eee9

Score

10^/10

darkcomet persistence rat trojan

Malware Config

Targets

- Target
  
  3a559b5d15021a1e6784979661dc33303aee9e310c5bdfbb36fbae1711641f98
- Size
  
  333KB
- MD5
  
  84cc9af6101f3cbf7fbad42c76ed5c57
- SHA1
  
  c531ee465a90a361bf50106314b18917cc228d30
- SHA256
  
  3a559b5d15021a1e6784979661dc33303aee9e310c5bdfbb36fbae1711641f98
- SHA512
  
  a62ed7973cffc253084f18b6cb23de2164e13cb5c1ddc2d6c90d97ba0aee1eae5a494717502cf7c36ebdbecad0296f223aa3ffbd2cb6949dce6161c86561eee9
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan