Overview

overview

10

Static

static

10

09a8dc5b0c...80.exe

windows7-x64

10

09a8dc5b0c...80.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    09a8dc5b0c24ad212d17bf420ccb094671644372ae3f4d451ba9c0d81c4b8280

  • Size

    658KB

  • Sample

    220731-ntpe7secb9

  • MD5

    989fcc38575b2a104408b08dadfd9d0c

  • SHA1

    1199b6165ed3a2046b3ea52d05f112b16f0e5d17

  • SHA256

    09a8dc5b0c24ad212d17bf420ccb094671644372ae3f4d451ba9c0d81c4b8280

  • SHA512

    0489a964771f1fc0d5a4b4dcedd5c45510bedf9d07e9cf75856378635d2f8e7e512944b2389c6ca2c76f395c4159c57bef3ccf6aab47c87724913783fd159c7c

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-D07MLDA

Attributes
  • gencode

    EyrzkokwkED0

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      09a8dc5b0c24ad212d17bf420ccb094671644372ae3f4d451ba9c0d81c4b8280

    • Size

      658KB

    • MD5

      989fcc38575b2a104408b08dadfd9d0c

    • SHA1

      1199b6165ed3a2046b3ea52d05f112b16f0e5d17

    • SHA256

      09a8dc5b0c24ad212d17bf420ccb094671644372ae3f4d451ba9c0d81c4b8280

    • SHA512

      0489a964771f1fc0d5a4b4dcedd5c45510bedf9d07e9cf75856378635d2f8e7e512944b2389c6ca2c76f395c4159c57bef3ccf6aab47c87724913783fd159c7c

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks