d12109fb1e3646727c8d9a830281dd7d58c2b8b71da89be28b8b4838aa8aa0e8

General
Target

d12109fb1e3646727c8d9a830281dd7d58c2b8b71da89be28b8b4838aa8aa0e8

Size

658KB

Sample

220521-w7cmkabah4

Score

10/10

MD5

dab4861a538d1e9d430e5927300c7015

SHA1

856ceb3502a25ce1d797633ad044dcbd15d863ae

SHA256

d12109fb1e3646727c8d9a830281dd7d58c2b8b71da89be28b8b4838aa8aa0e8

SHA512

efad47acde5489558c5209a5cf8ab0be2e7c5b87717386e847f8479173c876b094a3cddb12b72cc15e28d88b9fb2e1f898192277819bc3ef46fcf1f789a749c8

Malware Config

Extracted

Family: darkcomet
Botnet: Guest16
C2: 127.0.0.1:1604

Attributes
gencode: xDlTmLr5pBav
install: false
offline_keylogger: true
persistence: false

Signatures

  • Darkcomet

    Description

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1: 10/10
behavioral1: 10/10
behavioral2: 10/10