darkcomet | cc16d7c2682ed4841098fa8dee28f42a503ccf8fa7775b49632e3eecfde66920 | Triage

Sharing

General

Target

cc16d7c2682ed4841098fa8dee28f42a503ccf8fa7775b49632e3eecfde66920
Size

658KB
Sample

221123-3rd9sagc7s
MD5

52e0bfde4d852d48f9ba2ec55f690fc0
SHA1

55ce35b98d48c93cc5a96ed52a293be9c6c389c4
SHA256

cc16d7c2682ed4841098fa8dee28f42a503ccf8fa7775b49632e3eecfde66920
SHA512

3a4c6adf85d6ab9fc9fb86d164ebbebbe51a6829767895c6732de7b79dd1850d9d1ff7a5f57b8705aac9963cfeee51cbf503b8a9074cc8365e001556d0995fb6
SSDEEP

12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hC:OZ1xuVVjfFoynPaVBUR8f+kN10EBs

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

10.76.143.174:1604

Mutex

DCMIN_MUTEX-Z216RAQ

Attributes

gencode
WucxspZiAui8
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  cc16d7c2682ed4841098fa8dee28f42a503ccf8fa7775b49632e3eecfde66920
- Size
  
  658KB
- MD5
  
  52e0bfde4d852d48f9ba2ec55f690fc0
- SHA1
  
  55ce35b98d48c93cc5a96ed52a293be9c6c389c4
- SHA256
  
  cc16d7c2682ed4841098fa8dee28f42a503ccf8fa7775b49632e3eecfde66920
- SHA512
  
  3a4c6adf85d6ab9fc9fb86d164ebbebbe51a6829767895c6732de7b79dd1850d9d1ff7a5f57b8705aac9963cfeee51cbf503b8a9074cc8365e001556d0995fb6
- SSDEEP
  
  12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hC:OZ1xuVVjfFoynPaVBUR8f+kN10EBs
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16_mindarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan