darkcomet | 78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c | Triage

Submit
Reports

Overview

overview

Static

static

78d9b951e8...2c.exe

windows7_x64

78d9b951e8...2c.exe

windows10_x64

Sharing

General

Target

78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c
Size

545KB
Sample

210515-z7m8thcf62
MD5

e2c65291f42b8587e4f3bdcfc0c114f0
SHA1

4da09c5b590a278cb38c35c2233ff39d4b4bc788
SHA256

78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c
SHA512

6c2398e7646e6670fef030792ea533a271be67b3e995111b33a05faa2a05a288804f6c085f9841aed53366a9586a764ee0aea27a5e0a42efcb746cc3191e437a

Score

10^/10

darkcomet persistence rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c.exe

Resource

win7v20210410

darkcomet persistence rat trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c.exe

Resource

win10v20210410

darkcomet persistence rat trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c
- Size
  
  545KB
- MD5
  
  e2c65291f42b8587e4f3bdcfc0c114f0
- SHA1
  
  4da09c5b590a278cb38c35c2233ff39d4b4bc788
- SHA256
  
  78d9b951e8a890aaddc1cc31116708800b3851f4f4c073c72325c26c6e407d2c
- SHA512
  
  6c2398e7646e6670fef030792ea533a271be67b3e995111b33a05faa2a05a288804f6c085f9841aed53366a9586a764ee0aea27a5e0a42efcb746cc3191e437a
Score

10^/10

darkcomet persistence rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojanupx

behavioral2

darkcometpersistencerattrojanupx

© 2018-2024

Terms | Privacy