darkcomet | 077a9062b87736ebfe68a2eaeb4f6ed0f800d3f5ae870a5ab5971960ea3d057f | Triage

Sharing

General

Target

077a9062b87736ebfe68a2eaeb4f6ed0f800d3f5ae870a5ab5971960ea3d057f
Size

318KB
Sample

201113-swz69jcwwn
MD5

1a18650786e0d1dd22683b8f55e9747a
SHA1

e9d1ebb4441b84b5789dbde03951014acae6ab35
SHA256

077a9062b87736ebfe68a2eaeb4f6ed0f800d3f5ae870a5ab5971960ea3d057f
SHA512

1e749a2371d3d0f1c16374419bd84ce93e6e2cd0f158448dd1b600966659b96cd88c3977c9d33a78d1209cce3d460246941be0802742b82443370ab04833cb65

Score

10^/10

darkcomet persistence rat trojan upx

Malware Config

Targets

- Target
  
  077a9062b87736ebfe68a2eaeb4f6ed0f800d3f5ae870a5ab5971960ea3d057f
- Size
  
  318KB
- MD5
  
  1a18650786e0d1dd22683b8f55e9747a
- SHA1
  
  e9d1ebb4441b84b5789dbde03951014acae6ab35
- SHA256
  
  077a9062b87736ebfe68a2eaeb4f6ed0f800d3f5ae870a5ab5971960ea3d057f
- SHA512
  
  1e749a2371d3d0f1c16374419bd84ce93e6e2cd0f158448dd1b600966659b96cd88c3977c9d33a78d1209cce3d460246941be0802742b82443370ab04833cb65
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan