General
-
Target
41d83459aad53dd5da4346d33bd8df6648f7da7a12a0ebc5f0e8aeb1bb4ebed9
-
Size
719KB
-
Sample
220919-z8jn2saad4
-
MD5
fc7cb881cce701a7aa0e66db5343a08b
-
SHA1
8aabd3472aadda2df50f491d8868924fbd02400b
-
SHA256
41d83459aad53dd5da4346d33bd8df6648f7da7a12a0ebc5f0e8aeb1bb4ebed9
-
SHA512
1d2ae10224e40d3fe1c5d5848afa91898b23b1dd8df104c689d911a10a899674d6cc7620c76c35113cf7de0db5fed31fe64934b74607289d6e6ec3f2f389e749
-
SSDEEP
12288:5ZwHOyR7qnrIP1coEheYLpv2vlUUSNIRLNvWuWPm6NT4ITMRRLjDlCjI:LT6KJgN+GNwmVRRDkM
Malware Config
Extracted
darkcomet
Guest16
rattenjunge.zapto.org:1604
DC_MUTEX-F54S21D
-
gencode
4cjU6YoJ5VXp
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
-
-
Target
41d83459aad53dd5da4346d33bd8df6648f7da7a12a0ebc5f0e8aeb1bb4ebed9
-
Size
719KB
-
MD5
fc7cb881cce701a7aa0e66db5343a08b
-
SHA1
8aabd3472aadda2df50f491d8868924fbd02400b
-
SHA256
41d83459aad53dd5da4346d33bd8df6648f7da7a12a0ebc5f0e8aeb1bb4ebed9
-
SHA512
1d2ae10224e40d3fe1c5d5848afa91898b23b1dd8df104c689d911a10a899674d6cc7620c76c35113cf7de0db5fed31fe64934b74607289d6e6ec3f2f389e749
-
SSDEEP
12288:5ZwHOyR7qnrIP1coEheYLpv2vlUUSNIRLNvWuWPm6NT4ITMRRLjDlCjI:LT6KJgN+GNwmVRRDkM
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-