Overview

overview

10

Static

static

10

317fa1c53c...e0.exe

windows7-x64

10

317fa1c53c...e0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    317fa1c53cc4c6b6856870beb96c644ee502ccf3cee0eb680704a24ce19e87e0

  • Size

    658KB

  • Sample

    220725-ajftesfabk

  • MD5

    511e143be757301d22af747e088652ca

  • SHA1

    aa7bf912e10d369171312cbe51f972580853bc00

  • SHA256

    317fa1c53cc4c6b6856870beb96c644ee502ccf3cee0eb680704a24ce19e87e0

  • SHA512

    409fe87dec2fc21eb874557aeca9560d9218a74e9b78fac3341964cf0fd8108b3902c9775306797fa5e1c3816330098d94c2b039c947bd7dff613cf367952521

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-YQ9KTNY

Attributes
  • gencode

    BylBoULwFXF5

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      317fa1c53cc4c6b6856870beb96c644ee502ccf3cee0eb680704a24ce19e87e0

    • Size

      658KB

    • MD5

      511e143be757301d22af747e088652ca

    • SHA1

      aa7bf912e10d369171312cbe51f972580853bc00

    • SHA256

      317fa1c53cc4c6b6856870beb96c644ee502ccf3cee0eb680704a24ce19e87e0

    • SHA512

      409fe87dec2fc21eb874557aeca9560d9218a74e9b78fac3341964cf0fd8108b3902c9775306797fa5e1c3816330098d94c2b039c947bd7dff613cf367952521

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks