darkcomet | 463c4c7962903937d8c285bbf8fba21be50090a68ce7644a629d32061a4a634e | Triage

Sharing

General

Target

463c4c7962903937d8c285bbf8fba21be50090a68ce7644a629d32061a4a634e
Size

658KB
Sample

221020-bgv11agbdn
MD5

90be789d177c4c8c4e5e72c87131f5b0
SHA1

d8342f6b0e3fe8c1edfe823d5776cf453d8b91c9
SHA256

463c4c7962903937d8c285bbf8fba21be50090a68ce7644a629d32061a4a634e
SHA512

3dbe48be057f7d1ea25fba2a25b9471af3a4bdaa535e22da08b92be6046522545cde61fab5e12fb0babe81d86583667f4b0e1bc45627aada32c133af243cfe4c
SSDEEP

12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h6:GZ1xuVVjfFoynPaVBUR8f+kN10EB4

Score

10^/10

darkcomet test1 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Test1

C2

noiphost.no-ip.org:1337

Mutex

DC_MUTEX-H6SDR8E

Attributes

gencode
LqwknqP1zPyZ
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  463c4c7962903937d8c285bbf8fba21be50090a68ce7644a629d32061a4a634e
- Size
  
  658KB
- MD5
  
  90be789d177c4c8c4e5e72c87131f5b0
- SHA1
  
  d8342f6b0e3fe8c1edfe823d5776cf453d8b91c9
- SHA256
  
  463c4c7962903937d8c285bbf8fba21be50090a68ce7644a629d32061a4a634e
- SHA512
  
  3dbe48be057f7d1ea25fba2a25b9471af3a4bdaa535e22da08b92be6046522545cde61fab5e12fb0babe81d86583667f4b0e1bc45627aada32c133af243cfe4c
- SSDEEP
  
  12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h6:GZ1xuVVjfFoynPaVBUR8f+kN10EB4
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan