darkcomet | 3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6 | Triage

Sharing

General

Target

3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6
Size

747KB
Sample

221003-tl83jaebgj
MD5

63a738439b5da4a9b50c215de8f445ef
SHA1

12f49da0ad9ac2cf2e76b36f51a1971c5f43e7ea
SHA256

3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6
SHA512

16fd8f7cc8f2274f5d172166568196b2cc50f9a2e1c2697a83f83f6abdc4ba7d32719fdbb5488cd1097fe491ec397c44ef0fcb661b9b90d389629d1bfe11ae5e
SSDEEP

12288:sk0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/9/+sbR:t0QRWoJEfg0oChGdJQbjPbNW5tYeP+G3

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

176.240.164.204:2121

95.6.97.198:2121

Mutex

DC_MUTEX-NG8FP0B

Attributes

gencode
lHlBSlgPsgHW
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6
- Size
  
  747KB
- MD5
  
  63a738439b5da4a9b50c215de8f445ef
- SHA1
  
  12f49da0ad9ac2cf2e76b36f51a1971c5f43e7ea
- SHA256
  
  3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6
- SHA512
  
  16fd8f7cc8f2274f5d172166568196b2cc50f9a2e1c2697a83f83f6abdc4ba7d32719fdbb5488cd1097fe491ec397c44ef0fcb661b9b90d389629d1bfe11ae5e
- SSDEEP
  
  12288:sk0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/9/+sbR:t0QRWoJEfg0oChGdJQbjPbNW5tYeP+G3
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan