Extracted

• • Target

    9fa03c7aff5ea9ad90dc5f178b87ee4d79b414814ec1b8c7ee6d2f5685157d07

  • Size

    658KB

  • MD5

    10d86ea86bf22d7dfdfd4fe1e5f174e5

  • SHA1

    c150c81bbd9e79265449e386dd4f2c597de51801

  • SHA256

    9fa03c7aff5ea9ad90dc5f178b87ee4d79b414814ec1b8c7ee6d2f5685157d07

  • SHA512

    548f55237310a8d1bcd07b939364391832e58829b1bf5eaa11cdad7a7ffb58e51a90a7cf7fb29dc992ee5cb6bf9d21a21bd8d40996ea22548346655f03ea22dc

  Score

  10^/10

  darkcometevasionrattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Modifies firewall policy service

    evasion

  • Disables RegEdit via registry modification

    evasion

  • Disables Task Manager via registry modification

    evasion

  • Sets file to hidden

    Modifies file attributes to stop it showing in Explorer etc.

    evasion

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2