darkcomet | b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9 | Triage

Submit
Reports

Overview

overview

Static

static

b4c1c4905b...a9.exe

windows7-x64

b4c1c4905b...a9.exe

windows10-2004-x64

Sharing

General

Target

b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9
Size

251KB
Sample

221020-1qzg8agbe9
MD5

a00dfa4b09eed88ed647d6847f341ff0
SHA1

a35f48b767d0c0ce1114b36a0be3c64c2c987728
SHA256

b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9
SHA512

c2e1ae5ece170bd08a76d07a379d999d831015d36771e172327cca781b1cef7c8e1e7d44cf3ec0bb5cae6fea914cfbdf8471ee3c5a26720388709597aecb0f74
SSDEEP

6144:WcNYS996KFifeVjBpeExgVTFSXFoMc5o3AYEok:WcW7KEZlPow

Score

10^/10

darkcomet safa7 rat trojan upx

Static task

static1

upx safa7 darkcomet

2 signatures

Behavioral task

behavioral1

Sample

b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9.exe

Resource

win7-20220812-en

darkcomet safa7 rat trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9.exe

Resource

win10v2004-20220812-en

darkcomet safa7 rat trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

SaFa7

C2

127.0.0.1:14312

Mutex

DC_MUTEX-YJJJGML

Attributes

gencode
Pf6aQEENDAeA
install
false
offline_keylogger
true
password
11
persistence
false

Targets

- Target
  
  b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9
- Size
  
  251KB
- MD5
  
  a00dfa4b09eed88ed647d6847f341ff0
- SHA1
  
  a35f48b767d0c0ce1114b36a0be3c64c2c987728
- SHA256
  
  b4c1c4905b766e0a744b6c6084a07bdfd6830c267505bc16354deb2ba89e2da9
- SHA512
  
  c2e1ae5ece170bd08a76d07a379d999d831015d36771e172327cca781b1cef7c8e1e7d44cf3ec0bb5cae6fea914cfbdf8471ee3c5a26720388709597aecb0f74
- SSDEEP
  
  6144:WcNYS996KFifeVjBpeExgVTFSXFoMc5o3AYEok:WcW7KEZlPow
Score

10^/10

darkcomet safa7 rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

upxsafa7darkcomet

behavioral1

darkcometsafa7rattrojanupx

behavioral2

darkcometsafa7rattrojanupx

© 2018-2025

Terms | Privacy