General

  • Target

    d12109fb1e3646727c8d9a830281dd7d58c2b8b71da89be28b8b4838aa8aa0e8

  • Size

    658KB

  • Sample

    220521-w7cmkabah4

  • MD5

    dab4861a538d1e9d430e5927300c7015

  • SHA1

    856ceb3502a25ce1d797633ad044dcbd15d863ae

  • SHA256

    d12109fb1e3646727c8d9a830281dd7d58c2b8b71da89be28b8b4838aa8aa0e8

  • SHA512

    efad47acde5489558c5209a5cf8ab0be2e7c5b87717386e847f8479173c876b094a3cddb12b72cc15e28d88b9fb2e1f898192277819bc3ef46fcf1f789a749c8

Malware Config

Extracted

  • Family

    darkcomet

  • Botnet

    Guest16

  • C2

    127.0.0.1:1604

  • Mutex

    DC_MUTEX-CP4TNG4

Attributes
  • gencode

    xDlTmLr5pBav

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082
