General

  • Target

    3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6

  • Size

    747KB

  • Sample

    221003-tl83jaebgj

  • MD5

    63a738439b5da4a9b50c215de8f445ef

  • SHA1

    12f49da0ad9ac2cf2e76b36f51a1971c5f43e7ea

  • SHA256

    3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6

  • SHA512

    16fd8f7cc8f2274f5d172166568196b2cc50f9a2e1c2697a83f83f6abdc4ba7d32719fdbb5488cd1097fe491ec397c44ef0fcb661b9b90d389629d1bfe11ae5e

  • SSDEEP

    12288:sk0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/9/+sbR:t0QRWoJEfg0oChGdJQbjPbNW5tYeP+G3

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

176.240.164.204:2121

95.6.97.198:2121

Mutex

DC_MUTEX-NG8FP0B

Attributes
  • gencode

    lHlBSlgPsgHW

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6

    • Size

      747KB

    • MD5

      63a738439b5da4a9b50c215de8f445ef

    • SHA1

      12f49da0ad9ac2cf2e76b36f51a1971c5f43e7ea

    • SHA256

      3e9f541521fd4b47c33f319183f03ca7c4dd23318d55bf6dee25a5543bd33cc6

    • SHA512

      16fd8f7cc8f2274f5d172166568196b2cc50f9a2e1c2697a83f83f6abdc4ba7d32719fdbb5488cd1097fe491ec397c44ef0fcb661b9b90d389629d1bfe11ae5e

    • SSDEEP

      12288:sk0QVlhmPojAPTMEsUTg0oChO/Q2JbsbjPbN5qhRTtYe3f+Iw86k/9/+sbR:t0QRWoJEfg0oChGdJQbjPbNW5tYeP+G3

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks