darkcomet | 8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45 | Triage

Sharing

General

Target

8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
Size

658KB
Sample

210513-l2trracj5x
MD5

30c9f541275eafce10bd119505bed37c
SHA1

b1bb5fd7c85dba4bd2b233a73f9327e60118d297
SHA256

8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
SHA512

2e5f01de124f7dad83dd55a34f3312d0a0b8320ae28bd2a5f0984c476e42e72a59199f6df7dfacf3b9f27f700273ae8c86a1b1d6f510e86ba104e3bc3a6d8261

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

rekkam123.duckdns.org:1604

192.168.1.5:1604

Mutex

DC_MUTEX-BG9WBR4

Attributes

gencode
SYWnfcEMScu0
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
- Size
  
  658KB
- MD5
  
  30c9f541275eafce10bd119505bed37c
- SHA1
  
  b1bb5fd7c85dba4bd2b233a73f9327e60118d297
- SHA256
  
  8658550bc56469ef02c69d7ac3f0749e173fca486d09298bd3c305f352b07e45
- SHA512
  
  2e5f01de124f7dad83dd55a34f3312d0a0b8320ae28bd2a5f0984c476e42e72a59199f6df7dfacf3b9f27f700273ae8c86a1b1d6f510e86ba104e3bc3a6d8261
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan