darkcomet | 1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac | Triage

Submit
Reports

Overview

overview

Static

static

8

1caa5ed924...ac.exe

windows7-x64

1caa5ed924...ac.exe

windows10-2004-x64

Sharing

General

Target

1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac
Size

458KB
Sample

221003-fl4adsghc2
MD5

5a528e38129df79c3b4197195a9c02b0
SHA1

022eb62feb5c8ea7b3ecf3114e1d60c8a815ac72
SHA256

1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac
SHA512

a638deda50c14f6c9bd1636cbc7ebb1dd758473b3d88b94cf23b735d380d9b575d2cf9880e3ac1d0461046ce84f440cdb72dfbde2f5c6d11c73b55f51d801704
SSDEEP

6144:scNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37HatQWMERIv+ioUBPbIA1:scW7KEZlPzCy377Emmx8DIc

Score

10^/10

darkcomet guest16 rat trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac.exe

Resource

win7-20220812-en

darkcomet guest16 rat trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac.exe

Resource

win10v2004-20220812-en

darkcomet guest16 rat trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

4baganise.zapto.org:1604

Mutex

DC_MUTEX-XS2JBAP

Attributes

gencode
cMhRyxTuzc4D
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac
- Size
  
  458KB
- MD5
  
  5a528e38129df79c3b4197195a9c02b0
- SHA1
  
  022eb62feb5c8ea7b3ecf3114e1d60c8a815ac72
- SHA256
  
  1caa5ed924c9b12202739ec4e2c18f254c35ad8502114b621e9eec134c29f5ac
- SHA512
  
  a638deda50c14f6c9bd1636cbc7ebb1dd758473b3d88b94cf23b735d380d9b575d2cf9880e3ac1d0461046ce84f440cdb72dfbde2f5c6d11c73b55f51d801704
- SSDEEP
  
  6144:scNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37HatQWMERIv+ioUBPbIA1:scW7KEZlPzCy377Emmx8DIc
Score

10^/10

darkcomet guest16 rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Drops file in Drivers directory
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16rattrojanupx

behavioral2

darkcometguest16rattrojanupx

© 2018-2025

Terms | Privacy