darkcomet | 15b66cc7fbf50e4294625561380fe3074e6e6048eb156225e6e4dc6ab29b0d4a | Triage

Sharing

General

Target

15b66cc7fbf50e4294625561380fe3074e6e6048eb156225e6e4dc6ab29b0d4a
Size

658KB
Sample

221123-3rg1nsda97
MD5

4b319e1920209b19ca72e01d0451bd40
SHA1

687e4bd12343691fa4ee32e3f61122cde9ee8fed
SHA256

15b66cc7fbf50e4294625561380fe3074e6e6048eb156225e6e4dc6ab29b0d4a
SHA512

1d02534499b2f9a43434e4696451e1524cce9275b0ae9395bb4314e57ebee60e4c179cba9cdfc8627ebe8b6e84c2d0cb0cc54871c13b1e11a9acef918c673714
SSDEEP

12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hh:uZ1xuVVjfFoynPaVBUR8f+kN10EBb

Score

10^/10

darkcomet pictures rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Pictures

C2

mugensrat.no-ip.biz:100

Mutex

DC_MUTEX-S64C2C8

Attributes

gencode
EYKifd8g8sX8
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  15b66cc7fbf50e4294625561380fe3074e6e6048eb156225e6e4dc6ab29b0d4a
- Size
  
  658KB
- MD5
  
  4b319e1920209b19ca72e01d0451bd40
- SHA1
  
  687e4bd12343691fa4ee32e3f61122cde9ee8fed
- SHA256
  
  15b66cc7fbf50e4294625561380fe3074e6e6048eb156225e6e4dc6ab29b0d4a
- SHA512
  
  1d02534499b2f9a43434e4696451e1524cce9275b0ae9395bb4314e57ebee60e4c179cba9cdfc8627ebe8b6e84c2d0cb0cc54871c13b1e11a9acef918c673714
- SSDEEP
  
  12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hh:uZ1xuVVjfFoynPaVBUR8f+kN10EBb
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

picturesdarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan