darkcomet | fa49123feb767e88b9ee228be4ab567e81ca05917098633c8dfb95c3969b47c4 | Triage

Sharing

General

Target

fa49123feb767e88b9ee228be4ab567e81ca05917098633c8dfb95c3969b47c4
Size

696KB
Sample

221002-sn5x8acbd6
MD5

5f504720f1edba6a0c1debae9d7fc482
SHA1

81825d20f0c2ff30119a701f0b66e7ed7f8a2097
SHA256

fa49123feb767e88b9ee228be4ab567e81ca05917098633c8dfb95c3969b47c4
SHA512

31993341102101dc845a1ee7e890a0d25aa7386d78bb4467ba62af00e226a1904b97f66035e1cc5521d36668478f6c9ff30fc5836f34b274f343dd6a3fc02a8d
SSDEEP

12288:xeSNQkmWMHV+9X14gOs/rdxUbKnpe/0s/Isf0YuGc:IE2I148RFnpO0svfbPc

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

hackerboy1200.no-ip.biz:1604

Mutex

DC_MUTEX-USWPV2T

Attributes

gencode
YfQyDrJ6XAPb
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  fa49123feb767e88b9ee228be4ab567e81ca05917098633c8dfb95c3969b47c4
- Size
  
  696KB
- MD5
  
  5f504720f1edba6a0c1debae9d7fc482
- SHA1
  
  81825d20f0c2ff30119a701f0b66e7ed7f8a2097
- SHA256
  
  fa49123feb767e88b9ee228be4ab567e81ca05917098633c8dfb95c3969b47c4
- SHA512
  
  31993341102101dc845a1ee7e890a0d25aa7386d78bb4467ba62af00e226a1904b97f66035e1cc5521d36668478f6c9ff30fc5836f34b274f343dd6a3fc02a8d
- SSDEEP
  
  12288:xeSNQkmWMHV+9X14gOs/rdxUbKnpe/0s/Isf0YuGc:IE2I148RFnpO0svfbPc
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan