General

  • Target

    addb9f5515f4437e000fc530b8cae82de09440d1cef830206dd59f3925a71e75

  • Size

    756KB

  • Sample

    220725-ajdn3aefh5

  • MD5

    d6039d4e775e33fda4b9b8af49b70e26

  • SHA1

    60a5912dfbb7262b5c6a92f8d2f0994dbc3e3ab1

  • SHA256

    addb9f5515f4437e000fc530b8cae82de09440d1cef830206dd59f3925a71e75

  • SHA512

    399b0a887506ca95f909f5f5f9cefd5756646a4261d630beaf327dfc424850d49e2532942ca2b2b10355f955b400ebf8a38ae0074efb655b544671e02029d772

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

kingaaaa2000@mail.ru:1604

Mutex

DC_MUTEX-DPB0YD4

Attributes
  • gencode

    3i3jEiN3fjtN

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Suspicious use of SetThreadContext
