darkcomet | 4bf9aff35541003dfe7c0fcef52f456a2cab979dd144c21760e38bef24efb2c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bf9aff35541003dfe7c0fcef52f456a2cab979dd144c21760e38bef24efb2c7
Size

658KB
Sample

221020-1p27qagbb9
MD5

90064a477ecc5c1ab23b4d1abcb19c60
SHA1

a74b229d9390ffc207e668f441d160d2eac46788
SHA256

4bf9aff35541003dfe7c0fcef52f456a2cab979dd144c21760e38bef24efb2c7
SHA512

af006c51ad453c7c3d38435e4ffd54ddd9601ba278d4ff318802e4a406d1d64c26b93108f99d715958804762e889c3a2401c6bd0cd00b1d1ddb591bd18b6125d
SSDEEP

12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h1:mZ1xuVVjfFoynPaVBUR8f+kN10EBT

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

192.198.1.1:1604

Mutex

DCMIN_MUTEX-CZ97LRU

Attributes

gencode
r9xfPDl4oeFz
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  4bf9aff35541003dfe7c0fcef52f456a2cab979dd144c21760e38bef24efb2c7
- Size
  
  658KB
- MD5
  
  90064a477ecc5c1ab23b4d1abcb19c60
- SHA1
  
  a74b229d9390ffc207e668f441d160d2eac46788
- SHA256
  
  4bf9aff35541003dfe7c0fcef52f456a2cab979dd144c21760e38bef24efb2c7
- SHA512
  
  af006c51ad453c7c3d38435e4ffd54ddd9601ba278d4ff318802e4a406d1d64c26b93108f99d715958804762e889c3a2401c6bd0cd00b1d1ddb591bd18b6125d
- SSDEEP
  
  12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h1:mZ1xuVVjfFoynPaVBUR8f+kN10EBT
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16_mindarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan