Overview

overview

10

Static

static

10

345897ca6f...2b.exe

windows7_x64

10

345897ca6f...2b.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    345897ca6fb51912b4e904e02592142b

  • Size

    658KB

  • Sample

    201214-6xd2zx2x82

  • MD5

    345897ca6fb51912b4e904e02592142b

  • SHA1

    b017042a6cbc079f627d6619b0318d2fcc15e923

  • SHA256

    6d3377e9fe7662f985188bcb510b078aea81721ed4f801f096032ae2e397b877

  • SHA512

    1ccfe851fbb547a7cff8061467785949cdf6ea8d95d43628bb43424ce9c94bf5c29c3b3e1635ba409734bf4ccaa54653964a432267db703cd86b041b4bd49cb4

Score
10/10
darkcometsazanrattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Sazan

C2

heysenhacker.duckdns.org:1604

Mutex

DC_MUTEX-XGGJRBW

Attributes
  • gencode

    6ntck8wkkSat

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      345897ca6fb51912b4e904e02592142b

    • Size

      658KB

    • MD5

      345897ca6fb51912b4e904e02592142b

    • SHA1

      b017042a6cbc079f627d6619b0318d2fcc15e923

    • SHA256

      6d3377e9fe7662f985188bcb510b078aea81721ed4f801f096032ae2e397b877

    • SHA512

      1ccfe851fbb547a7cff8061467785949cdf6ea8d95d43628bb43424ce9c94bf5c29c3b3e1635ba409734bf4ccaa54653964a432267db703cd86b041b4bd49cb4

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks