General

  • Target

    3bcfefd9098c6525ac995ca0ddb2b08edfb90a8005f38faa2db3caadcd1e8b19

  • Size

    1.2MB

  • Sample

    221123-rwxq5scf6v

  • MD5

    3f125b54046ba17396564b31e80eda49

  • SHA1

    2b975d773ebbe754aab18cc6dd0645246cb7d0f4

  • SHA256

    3bcfefd9098c6525ac995ca0ddb2b08edfb90a8005f38faa2db3caadcd1e8b19

  • SHA512

    a2caf1b0da2aa9c0c4a78ac7eca055d109fff05a397123ea5542cfcbf07efb9a1fde831f419ea4759d81b2b56d39b61848ea76ccd6947f5e10ff0d79a662772b

  • SSDEEP

    12288:fbnrIyCRcB5CdGqK1QLmgWCnR1vbt9qJnUW1+zvSWulr3J2H7BUkwMVbC3dP:XIB3KgWqPjCiaWuFcH7Bj23dP

Score
10/10

Targets

    • Target

      3bcfefd9098c6525ac995ca0ddb2b08edfb90a8005f38faa2db3caadcd1e8b19

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
