General

  • Target

    fb12ee16ba67269109cda7adc167558d5071f331902d71fcadfecd4e645558f0

  • Size

    689KB

  • Sample

    221012-2yey8agca8

  • MD5

    6be81e7d50fe9d76ebd6dfd289153080

  • SHA1

    d9d240e338c1b5950a071c2c5ee0e4702927acb4

  • SHA256

    fb12ee16ba67269109cda7adc167558d5071f331902d71fcadfecd4e645558f0

  • SHA512

    101b2e5f0b9c1d144dd0bb1e0109eb54b0312a86342231307a25f2e5e9bb9c7d1b9a33edae016d8572305a81fed86fb1bc630c6b7e31221ef7267b790660b394

  • SSDEEP

    12288:R9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h7G:LZ1xuVVjfFoynPaVBUR8f+kN10EBg

Malware Config

Extracted

Family

darkcomet

Botnet

Victime

C2

anon300.zapto.org:1604

Mutex

DC_MUTEX-KWWAAN9

Attributes
  • gencode

    iesjVKWkgmeB

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks