General

  • Target

    802a0a16f577dd175c1c91a1b3802a5db6c00540910f7a9b7644b2829c940e7d

  • Size

    660KB

  • Sample

    221018-zfv7daeben

  • MD5

    1c1b2b91048704b3acec27b8e7c31e77

  • SHA1

    0290be8525d022a5c96c7bfdb25c99ce68ed08c8

  • SHA256

    802a0a16f577dd175c1c91a1b3802a5db6c00540910f7a9b7644b2829c940e7d

  • SHA512

    0ab98efc321f32bd157ef58b2a002f763064ddcb6cc3b6bd12c4652348724be9a4b8c7766b15bc3bcc9022e320b911b4e6c8140e0da5201d5849137a7d5a5b23

  • SSDEEP

    12288:UXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UD:CnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jz

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

dracula92.duckdns.org:1707

Mutex

DC_MUTEX-F54S21D

Attributes
  • gencode

    VJq1wCjs2tat

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      802a0a16f577dd175c1c91a1b3802a5db6c00540910f7a9b7644b2829c940e7d

    • Size

      660KB

    • MD5

      1c1b2b91048704b3acec27b8e7c31e77

    • SHA1

      0290be8525d022a5c96c7bfdb25c99ce68ed08c8

    • SHA256

      802a0a16f577dd175c1c91a1b3802a5db6c00540910f7a9b7644b2829c940e7d

    • SHA512

      0ab98efc321f32bd157ef58b2a002f763064ddcb6cc3b6bd12c4652348724be9a4b8c7766b15bc3bcc9022e320b911b4e6c8140e0da5201d5849137a7d5a5b23

    • SSDEEP

      12288:UXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UD:CnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jz

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Enterprise v6

Tasks