darkcomet | a42e611788c3daafdb6043c50295d4f02ba747b65a8c330a41650ecbab33753a | Triage

Sharing

General

Target

a42e611788c3daafdb6043c50295d4f02ba747b65a8c330a41650ecbab33753a
Size

658KB
Sample

221123-s59mqsgb8t
MD5

6daf59a76d89f64fb9826981af1c9eda
SHA1

d2b6141675da414822e674f19da7b943b40a9336
SHA256

a42e611788c3daafdb6043c50295d4f02ba747b65a8c330a41650ecbab33753a
SHA512

b0f489d026a2e069402ef94eac4c1e3e8784b32ecc0a8d9dafa460d63f8fc012cabea0f04b7b4e245521a0de280b2abeda3e2925081d35badac8b756c4c0f686
SSDEEP

12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/ho:GZ1xuVVjfFoynPaVBUR8f+kN10EB+

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

brian112.ddns.net:100

Mutex

DC_MUTEX-XESRFEN

Attributes

gencode
fWQsVg27ZZVP
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  a42e611788c3daafdb6043c50295d4f02ba747b65a8c330a41650ecbab33753a
- Size
  
  658KB
- MD5
  
  6daf59a76d89f64fb9826981af1c9eda
- SHA1
  
  d2b6141675da414822e674f19da7b943b40a9336
- SHA256
  
  a42e611788c3daafdb6043c50295d4f02ba747b65a8c330a41650ecbab33753a
- SHA512
  
  b0f489d026a2e069402ef94eac4c1e3e8784b32ecc0a8d9dafa460d63f8fc012cabea0f04b7b4e245521a0de280b2abeda3e2925081d35badac8b756c4c0f686
- SSDEEP
  
  12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/ho:GZ1xuVVjfFoynPaVBUR8f+kN10EB+
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan