darkcomet | 0094509d32845ee90d6feefab7912b506cdf97c91f03bb8e14f1a2d704746576 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0094509d32845ee90d6feefab7912b506cdf97c91f03bb8e14f1a2d704746576
Size

660KB
Sample

221020-lxk6vagef2
MD5

813b3596222233c303403e3c945682f0
SHA1

f7b94b4f39d0654eff7ae458589eb2010065b32f
SHA256

0094509d32845ee90d6feefab7912b506cdf97c91f03bb8e14f1a2d704746576
SHA512

9c1288284e059647a0f1f68ab8e9a8e4a7542da3ef96aa5f18485c17bc92c9d02d8aabaaa2fc2f1fac91428514371f92667fabbaa080d77efc2e0647fecc44e4
SSDEEP

12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Ub:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JL

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

192.168.1.10:1604

Mutex

DCMIN_MUTEX-RZUK362

Attributes

gencode
8euVrb3Gs7Y2
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  0094509d32845ee90d6feefab7912b506cdf97c91f03bb8e14f1a2d704746576
- Size
  
  660KB
- MD5
  
  813b3596222233c303403e3c945682f0
- SHA1
  
  f7b94b4f39d0654eff7ae458589eb2010065b32f
- SHA256
  
  0094509d32845ee90d6feefab7912b506cdf97c91f03bb8e14f1a2d704746576
- SHA512
  
  9c1288284e059647a0f1f68ab8e9a8e4a7542da3ef96aa5f18485c17bc92c9d02d8aabaaa2fc2f1fac91428514371f92667fabbaa080d77efc2e0647fecc44e4
- SSDEEP
  
  12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Ub:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JL
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16_mindarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan