darkcomet | af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d | Triage

Submit
Reports

Overview

overview

Static

static

af17bb49ac...6d.exe

windows10_x64

Sharing

General

Target

af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
Size

468KB
Sample

210722-fpz3g4w52n
MD5

8632593eb23946bc88b82d9d168999fe
SHA1

700bd5356eacb98850579cc9040f6b23766bc6a8
SHA256

af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
SHA512

a73b25496628fab12efd653b4c73be2db5ffe3d3e64d5b383b57507ccbb8a1ec0ea7bc10502d789d6c4e4485b1d1eae46b6bcfe29cd6b9e9fc85cd3f8b76577d

Score

10^/10

darkcomet persistence rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d.exe

Resource

win10v20210410

darkcomet persistence rat trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
- Size
  
  468KB
- MD5
  
  8632593eb23946bc88b82d9d168999fe
- SHA1
  
  700bd5356eacb98850579cc9040f6b23766bc6a8
- SHA256
  
  af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
- SHA512
  
  a73b25496628fab12efd653b4c73be2db5ffe3d3e64d5b383b57507ccbb8a1ec0ea7bc10502d789d6c4e4485b1d1eae46b6bcfe29cd6b9e9fc85cd3f8b76577d
Score

10^/10

darkcomet persistence rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojanupx

© 2018-2024

Terms | Privacy