Darkcomet

DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

Modifies WinLogon for persistence

Modifies firewall policy service

Modifies security service

Windows security bypass

Disables RegEdit via registry modification

Disables Task Manager via registry modification

Executes dropped EXE

Sets file to hidden

Modifies file attributes to stop it showing in Explorer etc.

UPX packed file

Detects executables packed with UPX/modified UPX open source packer.