darkcomet | 0964729cb05fbea81fe2e9c0c36b4064603d18b912c4bec387a0e71c51c8e458 | Triage

Sharing

General

Target

0964729cb05fbea81fe2e9c0c36b4064603d18b912c4bec387a0e71c51c8e458
Size

349KB
Sample

220521-xy3cascgf6
MD5

599361a303e7a4bca2bdcbff170154d8
SHA1

267214e0e8e4a17422e0e91a0f0c5570e56193fe
SHA256

0964729cb05fbea81fe2e9c0c36b4064603d18b912c4bec387a0e71c51c8e458
SHA512

18b94c438b26f47daa72c12f518f8fc3784cbca9df25e4e9d0c8da66a7e74f1d8eb347ac0bed8770b5101169b4a298ca5018377e64cf7649b22f8d6951bcae0f

Score

10^/10

darkcomet goy rat trojan upx

Malware Config

Extracted

Family

darkcomet

Botnet

goy

C2

127.0.0.1:7777

Mutex

DC_MUTEX-UYXBDKE

Attributes

gencode
UBbelSnxUxdg
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  0964729cb05fbea81fe2e9c0c36b4064603d18b912c4bec387a0e71c51c8e458
- Size
  
  349KB
- MD5
  
  599361a303e7a4bca2bdcbff170154d8
- SHA1
  
  267214e0e8e4a17422e0e91a0f0c5570e56193fe
- SHA256
  
  0964729cb05fbea81fe2e9c0c36b4064603d18b912c4bec387a0e71c51c8e458
- SHA512
  
  18b94c438b26f47daa72c12f518f8fc3784cbca9df25e4e9d0c8da66a7e74f1d8eb347ac0bed8770b5101169b4a298ca5018377e64cf7649b22f8d6951bcae0f
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

upxgoydarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan