General

  • Target

    5bc79407f5dc225923ab300a7e6672151cb752eb2c0c9d7d47e5ee6ab8e8aceb

  • Size

    861KB

  • Sample

    221011-laarlafgc8

  • MD5

    4630cf5912ee12c04d29b36e7808e26c

  • SHA1

    d10dee09d7b3c61077f95ed8111890211c59125d

  • SHA256

    5bc79407f5dc225923ab300a7e6672151cb752eb2c0c9d7d47e5ee6ab8e8aceb

  • SHA512

    a7a55554e3bdc123b709716698788bbb5a500f10771c59664e1dfb8ef167a0fedd27fba5a02b310270267e37c646a711a73b812b895c8b4763ed20bc37084cc9

  • SSDEEP

    24576:vANOCS6qwWB0V5o8mnqvtrdgDQERKCiRKC:vANOfj5+rd9aI

Targets

    • Target

      5bc79407f5dc225923ab300a7e6672151cb752eb2c0c9d7d47e5ee6ab8e8aceb

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Modifies firewall policy service

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification
