darkcomet | 7c6277c84213a36cf6495b2f6de24629f9cad5d2b1c75b8783871ba544e69545 | Triage

Sharing

General

Target

7c6277c84213a36cf6495b2f6de24629f9cad5d2b1c75b8783871ba544e69545
Size

658KB
Sample

221123-s6daxsdb59
MD5

4ce9d3c165456b2be9a228d9345398e5
SHA1

642b2fec9706a93ac87ac2296e5a6828e9487031
SHA256

7c6277c84213a36cf6495b2f6de24629f9cad5d2b1c75b8783871ba544e69545
SHA512

e20acb7493925869c129cf21707deb2893f3d2e3dbb3d84def7a821ba5e6b79031cdc5201a1c827b8486f7dc94a60f864135046fafb31679cd009ec658670046
SSDEEP

12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h2:OZ1xuVVjfFoynPaVBUR8f+kN10EBo

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

xxpunk.ddns.net:100

Mutex

DC_MUTEX-UGZ4W0L

Attributes

gencode
BvLmYmk0zowT
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  7c6277c84213a36cf6495b2f6de24629f9cad5d2b1c75b8783871ba544e69545
- Size
  
  658KB
- MD5
  
  4ce9d3c165456b2be9a228d9345398e5
- SHA1
  
  642b2fec9706a93ac87ac2296e5a6828e9487031
- SHA256
  
  7c6277c84213a36cf6495b2f6de24629f9cad5d2b1c75b8783871ba544e69545
- SHA512
  
  e20acb7493925869c129cf21707deb2893f3d2e3dbb3d84def7a821ba5e6b79031cdc5201a1c827b8486f7dc94a60f864135046fafb31679cd009ec658670046
- SSDEEP
  
  12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h2:OZ1xuVVjfFoynPaVBUR8f+kN10EBo
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan