General
-
Target
27e0943845dcfa97ebc467aa534369b6993bee9ebd4a0779e04c29b7b3a7bdcd
-
Size
337KB
-
Sample
221003-trpk3sedeq
-
MD5
6eafe11f4cbe8a8ffd829d49c3b94c1b
-
SHA1
50598c40beab243eeb0921023357a3ffb9e929fc
-
SHA256
27e0943845dcfa97ebc467aa534369b6993bee9ebd4a0779e04c29b7b3a7bdcd
-
SHA512
da04039b4be99e5b841efb03eb2431a2c04e3023c66cdbb71c7a0aafd50403975d0da22a7fbc189fe1c75633df787869d0c80a2e40f93e78cf360b05bba3d7d5
-
SSDEEP
6144:zUc8SY8u+rv6Kl9QFhC6z3sbS4P2UI9icyXV13kPKuzGnVAjRZLLeMdWnpQZh9h4:zUcrY8driIQHG2D1axkPKdSIMd0QZh9u
Malware Config
Targets
-
-
Target
27e0943845dcfa97ebc467aa534369b6993bee9ebd4a0779e04c29b7b3a7bdcd
-
Size
337KB
-
MD5
6eafe11f4cbe8a8ffd829d49c3b94c1b
-
SHA1
50598c40beab243eeb0921023357a3ffb9e929fc
-
SHA256
27e0943845dcfa97ebc467aa534369b6993bee9ebd4a0779e04c29b7b3a7bdcd
-
SHA512
da04039b4be99e5b841efb03eb2431a2c04e3023c66cdbb71c7a0aafd50403975d0da22a7fbc189fe1c75633df787869d0c80a2e40f93e78cf360b05bba3d7d5
-
SSDEEP
6144:zUc8SY8u+rv6Kl9QFhC6z3sbS4P2UI9icyXV13kPKuzGnVAjRZLLeMdWnpQZh9h4:zUcrY8driIQHG2D1axkPKdSIMd0QZh9u
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Modifies security service
-
Windows security bypass
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Windows security modification
-