General

  • Target

    acebd61be25818ce86f98fbb14ed78b5067e5b37e01e27f5249615dacb4b6a87

  • Size

    658KB

  • Sample

    221123-s58qfadb55

  • MD5

    1d4cec30af7e08ac68adc802ca354ec8

  • SHA1

    c5b57e9d7aed70de79dcabf1a7eb95bf507b1d3c

  • SHA256

    acebd61be25818ce86f98fbb14ed78b5067e5b37e01e27f5249615dacb4b6a87

  • SHA512

    5b09edccc441c7a1cd43efac5973a433d2bebc59b35142d30de79f44c3f5ad9f071cc089668eefcb334ce5f97ddd30e03a1e5a4154692f0c77cc358e9431d2ab

  • SSDEEP

    12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hh:uZ1xuVVjfFoynPaVBUR8f+kN10EB3

Malware Config

Extracted

Family

darkcomet

Botnet

bot 1

C2

nothis.chickenkiller.com:1604

Mutex

DC_MUTEX-B0QG2WS

Attributes
  • gencode

    hXWvDv4VqXe3

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      acebd61be25818ce86f98fbb14ed78b5067e5b37e01e27f5249615dacb4b6a87

    • Size

      658KB

    • MD5

      1d4cec30af7e08ac68adc802ca354ec8

    • SHA1

      c5b57e9d7aed70de79dcabf1a7eb95bf507b1d3c

    • SHA256

      acebd61be25818ce86f98fbb14ed78b5067e5b37e01e27f5249615dacb4b6a87

    • SHA512

      5b09edccc441c7a1cd43efac5973a433d2bebc59b35142d30de79f44c3f5ad9f071cc089668eefcb334ce5f97ddd30e03a1e5a4154692f0c77cc358e9431d2ab

    • SSDEEP

      12288:C9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hh:uZ1xuVVjfFoynPaVBUR8f+kN10EB3

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

MITRE ATT&CK Enterprise v6

Tasks