darkcomet | 8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45 | Triage

Sharing

General

Target

8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
Size

658KB
Sample

210513-l2trracj5x
MD5

30c9f541275eafce10bd119505bed37c
SHA1

b1bb5fd7c85dba4bd2b233a73f9327e60118d297
SHA256

8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
SHA512

2e5f01de124f7dad83dd55a34f3312d0a0b8320ae28bd2a5f0984c476e42e72a59199f6df7dfacf3b9f27f700273ae8c86a1b1d6f510e86ba104e3bc3a6d8261

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

rekkam123.duckdns.org:1604

192.168.1.5:1604

Mutex

DC_MUTEX-BG9WBR4

Attributes

gencode
SYWnfcEMScu0
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
- Size
  
  658KB
- MD5
  
  30c9f541275eafce10bd119505bed37c
- SHA1
  
  b1bb5fd7c85dba4bd2b233a73f9327e60118d297
- SHA256
  
  8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
- SHA512
  
  2e5f01de124f7dad83dd55a34f3312d0a0b8320ae28bd2a5f0984c476e42e72a59199f6df7dfacf3b9f27f700273ae8c86a1b1d6f510e86ba104e3bc3a6d8261
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan