Overview

overview

10

Static

static

12cdbf473c...73.exe

windows7-x64

10

12cdbf473c...73.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    12cdbf473c84542951d19260e645ab59a20fa2427dac412d5fdf25b4486e7273

  • Size

    827KB

  • Sample

    221011-k94y2sfhdm

  • MD5

    26743328ebdd1a217b93c66c9148ad7f

  • SHA1

    da547a2570a5948797d98113d948d8eadd45bcaf

  • SHA256

    12cdbf473c84542951d19260e645ab59a20fa2427dac412d5fdf25b4486e7273

  • SHA512

    418abdb611e2f2a7d5d15671086035359aaeda5d1d56507913cc7461a15533587e2033eb979608d708bf0ec13410ddf5f7d4dc4680f2e6364ee9dc630dd6cd33

  • SSDEEP

    24576:z1dlZo5svvY7yRsYW+dwY6+5jzHaLtnvU0TVDMmkrG:z1dlZoc+yRsYW+dw6DaLRM4

Score
10/10
darkcometrattrojan

Malware Config

Targets

    • Target

      12cdbf473c84542951d19260e645ab59a20fa2427dac412d5fdf25b4486e7273

    • Size

      827KB

    • MD5

      26743328ebdd1a217b93c66c9148ad7f

    • SHA1

      da547a2570a5948797d98113d948d8eadd45bcaf

    • SHA256

      12cdbf473c84542951d19260e645ab59a20fa2427dac412d5fdf25b4486e7273

    • SHA512

      418abdb611e2f2a7d5d15671086035359aaeda5d1d56507913cc7461a15533587e2033eb979608d708bf0ec13410ddf5f7d4dc4680f2e6364ee9dc630dd6cd33

    • SSDEEP

      24576:z1dlZo5svvY7yRsYW+dwY6+5jzHaLtnvU0TVDMmkrG:z1dlZoc+yRsYW+dw6DaLRM4

    Score
    10/10
    darkcometrattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks