darkcomet | be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6 | Triage

Submit
Reports

Overview

overview

Static

static

be3b1f4935...d6.exe

windows7_x64

be3b1f4935...d6.exe

windows10_x64

Sharing

General

Target

be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6
Size

744KB
Sample

210517-qtphcr7g52
MD5

a019db3bbafc6c2b3e1e42b1f8dc21ae
SHA1

1a6a386444a67f48b25320831ccdb7437181c65f
SHA256

be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6
SHA512

c49422d469a0fc8c8689ac8193c64cdaf7e68bae1fef65ed30feb29fbc6d03484c1789e6f836cc016d4eb50f6e4ac595a80497ee74d2f6b0d44ce72b8fce2ca5

Score

10^/10

darkcomet guest16 rat trojan upx

Static task

static1

upx guest16 darkcomet

Behavioral task

behavioral1

Sample

be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6.exe

Resource

win7v20210410

darkcomet guest16 rat trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6.exe

Resource

win10v20210410

darkcomet rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

boreasfgasd.ddns.net:1604

Mutex

DC_MUTEX-C2M4WWM

Attributes

gencode
boVCPNsNcng5
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6
- Size
  
  744KB
- MD5
  
  a019db3bbafc6c2b3e1e42b1f8dc21ae
- SHA1
  
  1a6a386444a67f48b25320831ccdb7437181c65f
- SHA256
  
  be3b1f4935d322fc7994d78ab9a9dcf7f5ec5e4001d1abaa534bd4d4ec322ad6
- SHA512
  
  c49422d469a0fc8c8689ac8193c64cdaf7e68bae1fef65ed30feb29fbc6d03484c1789e6f836cc016d4eb50f6e4ac595a80497ee74d2f6b0d44ce72b8fce2ca5
Score

10^/10

darkcomet guest16 rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

upxguest16darkcomet

behavioral1

darkcometguest16rattrojanupx

behavioral2

darkcometrattrojan

© 2018-2024

Terms | Privacy