darkcomet | 92c1a4e5f6ca780c8a0aeb4843d9db27ab9e4c3072c61ef075025ad69791df7a | Triage

Sharing

General

Target

92c1a4e5f6ca780c8a0aeb4843d9db27ab9e4c3072c61ef075025ad69791df7a
Size

690KB
Sample

221003-tmpqaaebgr
MD5

61339b811513f55e2d7940bbcb7c76b0
SHA1

8a3dc3fb934d61d88b5edda445f5adfbed340b5e
SHA256

92c1a4e5f6ca780c8a0aeb4843d9db27ab9e4c3072c61ef075025ad69791df7a
SHA512

f018324a83ff26c0c70cc9bd9c72ab6fbe3fb28e7a2b374ce5a5164e8e06a20fe885ff9793b3d85438f9378bb0dbc1ba6278d7c6599ccddd30552784e3ad97d1
SSDEEP

12288:i9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFwG:OiBIGkbxqEcjsWiDxguehC2SI

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

dozor93.zapto.org:1604

Mutex

DC_MUTEX-JQT8VA7

Attributes

gencode
6TxuXc2CcdHf
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  92c1a4e5f6ca780c8a0aeb4843d9db27ab9e4c3072c61ef075025ad69791df7a
- Size
  
  690KB
- MD5
  
  61339b811513f55e2d7940bbcb7c76b0
- SHA1
  
  8a3dc3fb934d61d88b5edda445f5adfbed340b5e
- SHA256
  
  92c1a4e5f6ca780c8a0aeb4843d9db27ab9e4c3072c61ef075025ad69791df7a
- SHA512
  
  f018324a83ff26c0c70cc9bd9c72ab6fbe3fb28e7a2b374ce5a5164e8e06a20fe885ff9793b3d85438f9378bb0dbc1ba6278d7c6599ccddd30552784e3ad97d1
- SSDEEP
  
  12288:i9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFwG:OiBIGkbxqEcjsWiDxguehC2SI
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan