General

  • Target

    8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2

  • Size

    689KB

  • Sample

    221003-tllx1aebc7

  • MD5

    6026423e7940d5405e9d6e8e4491e4a0

  • SHA1

    e59c79df90af9a7915c9e654c74854c9ca75ee41

  • SHA256

    8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2

  • SHA512

    e73a7a89009e181903f71bb78976df21241b2c104c9a5349f83c925e0469c1a2bd8ad57acbcd5ce009667d15bf08c7ee9c04da6f27d3609272b7aeb4432131d3

  • SSDEEP

    12288:R9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h4n:LZ1xuVVjfFoynPaVBUR8f+kN10EBQ

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

vladmaryuhin.no-ip.biz:1604

Mutex

DC_MUTEX-JJZ9P4J

Attributes
  • gencode

    2rzgz1dxbGWN

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082
