darkcomet | 3c30340289c197ade28ccb0d2333f43d58aa9b17df12bc08a6e32fa72d07a2c4 | Triage

Sharing

General

Target

3c30340289c197ade28ccb0d2333f43d58aa9b17df12bc08a6e32fa72d07a2c4
Size

658KB
Sample

221001-3ms75scbc2
MD5

62a2c1d878fee7e2e877bcb053b8eb20
SHA1

2805428f940e86de01e78c29668f2a2bf3353c0c
SHA256

3c30340289c197ade28ccb0d2333f43d58aa9b17df12bc08a6e32fa72d07a2c4
SHA512

36a60b0d04bb06a1043a331da748f50d0245db327d56b444318aa7ce82e255f01f09b0b2d95abeadc0ca1f337350ed6c77c5119302d3e064c9957c313e78af37
SSDEEP

12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hN:uZ1xuVVjfFoynPaVBUR8f+kN10EBn

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

codfreak321.no-ip.biz:10048

Mutex

DC_MUTEX-24QNR67

Attributes

gencode
uLZnF2Dz6HNk
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  3c30340289c197ade28ccb0d2333f43d58aa9b17df12bc08a6e32fa72d07a2c4
- Size
  
  658KB
- MD5
  
  62a2c1d878fee7e2e877bcb053b8eb20
- SHA1
  
  2805428f940e86de01e78c29668f2a2bf3353c0c
- SHA256
  
  3c30340289c197ade28ccb0d2333f43d58aa9b17df12bc08a6e32fa72d07a2c4
- SHA512
  
  36a60b0d04bb06a1043a331da748f50d0245db327d56b444318aa7ce82e255f01f09b0b2d95abeadc0ca1f337350ed6c77c5119302d3e064c9957c313e78af37
- SSDEEP
  
  12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hN:uZ1xuVVjfFoynPaVBUR8f+kN10EBn
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan