darkcomet | 8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2 | Triage

Sharing

General

Target

8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2
Size

689KB
Sample

221003-tllx1aebc7
MD5

6026423e7940d5405e9d6e8e4491e4a0
SHA1

e59c79df90af9a7915c9e654c74854c9ca75ee41
SHA256

8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2
SHA512

e73a7a89009e181903f71bb78976df21241b2c104c9a5349f83c925e0469c1a2bd8ad57acbcd5ce009667d15bf08c7ee9c04da6f27d3609272b7aeb4432131d3
SSDEEP

12288:R9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h4n:LZ1xuVVjfFoynPaVBUR8f+kN10EBQ

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

vladmaryuhin.no-ip.biz:1604

Mutex

DC_MUTEX-JJZ9P4J

Attributes

gencode
2rzgz1dxbGWN
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2
- Size
  
  689KB
- MD5
  
  6026423e7940d5405e9d6e8e4491e4a0
- SHA1
  
  e59c79df90af9a7915c9e654c74854c9ca75ee41
- SHA256
  
  8362038982ae5c1ebec24d4c5b1ad15e7da657ebaac2496d9a1a2865463edfb2
- SHA512
  
  e73a7a89009e181903f71bb78976df21241b2c104c9a5349f83c925e0469c1a2bd8ad57acbcd5ce009667d15bf08c7ee9c04da6f27d3609272b7aeb4432131d3
- SSDEEP
  
  12288:R9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h4n:LZ1xuVVjfFoynPaVBUR8f+kN10EBQ
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan