Overview

overview

10

Static

static

10

20d4b54843...e8.exe

windows7_x64

10

20d4b54843...e8.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    20d4b54843f2c43552ad88eb0f534187038e2bb93f62bcb458d3f6c75e28e1e8

  • Size

    658KB

  • Sample

    220708-s8rakagecl

  • MD5

    ac48218528fd80af29586401f52f81d1

  • SHA1

    61676afa26671346fbbbde6a7c7907f01a8a5798

  • SHA256

    20d4b54843f2c43552ad88eb0f534187038e2bb93f62bcb458d3f6c75e28e1e8

  • SHA512

    a0ea01d4c171392e011d05236a3ec1e2469f597adf3cc7f5f65de13be10b2eaab43e321a3e422af0e2f1a6dfba4e3cb55cef57c9363acb0a0608743d2841e7b4

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-NNCF203

Attributes
  • gencode

    L2yQerGwvVyU

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      20d4b54843f2c43552ad88eb0f534187038e2bb93f62bcb458d3f6c75e28e1e8

    • Size

      658KB

    • MD5

      ac48218528fd80af29586401f52f81d1

    • SHA1

      61676afa26671346fbbbde6a7c7907f01a8a5798

    • SHA256

      20d4b54843f2c43552ad88eb0f534187038e2bb93f62bcb458d3f6c75e28e1e8

    • SHA512

      a0ea01d4c171392e011d05236a3ec1e2469f597adf3cc7f5f65de13be10b2eaab43e321a3e422af0e2f1a6dfba4e3cb55cef57c9363acb0a0608743d2841e7b4

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks