darkcomet | f2a68c4b25c8c6f2533ec838f0a0a754a6053fcbee60442559fed5d8e315ce01 | Triage

Sharing

General

Target

f2a68c4b25c8c6f2533ec838f0a0a754a6053fcbee60442559fed5d8e315ce01
Size

463KB
Sample

221123-px9qzsff21
MD5

32d6ee67d7d73a8a47022dab10e4216d
SHA1

27e83c7c0a634f546c978272b57eda2d203c9eb5
SHA256

f2a68c4b25c8c6f2533ec838f0a0a754a6053fcbee60442559fed5d8e315ce01
SHA512

d29add42c7cca752651a51e0e8fb3d1129680217a034beed644e67ba30bf62e1e944d473a861adddb29499b945fef373d4d972cc381622596b7444819ae13e82
SSDEEP

12288:6mQvKAimrC+QrxKgeuDwOVC2rbmEqhlLhtQCs6F9DQq/omI:6Fv0mrC+QrxGh+C2rbFq7htQC3

Score

10^/10

darkcomet normal rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Normal

C2

loageht.no-ip.biz:200

Mutex

DC_MUTEX-XH7AAPW

Attributes

gencode
YaMcdkD8D9U1
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  f2a68c4b25c8c6f2533ec838f0a0a754a6053fcbee60442559fed5d8e315ce01
- Size
  
  463KB
- MD5
  
  32d6ee67d7d73a8a47022dab10e4216d
- SHA1
  
  27e83c7c0a634f546c978272b57eda2d203c9eb5
- SHA256
  
  f2a68c4b25c8c6f2533ec838f0a0a754a6053fcbee60442559fed5d8e315ce01
- SHA512
  
  d29add42c7cca752651a51e0e8fb3d1129680217a034beed644e67ba30bf62e1e944d473a861adddb29499b945fef373d4d972cc381622596b7444819ae13e82
- SSDEEP
  
  12288:6mQvKAimrC+QrxKgeuDwOVC2rbmEqhlLhtQCs6F9DQq/omI:6Fv0mrC+QrxGh+C2rbFq7htQC3
Score

10^/10

darkcomet normal rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

darkcometnormalrattrojan

behavioral2

darkcometnormalrattrojan