darkcomet | 37db94399897420b2eb7d682a09ad1b7723ffe64be279225be7071f2163c2197 | Triage

Sharing

General

Target

37db94399897420b2eb7d682a09ad1b7723ffe64be279225be7071f2163c2197
Size

658KB
Sample

221123-s6jgyadb68
MD5

da4e1a6a7d5036d0bf518da37b6e5b06
SHA1

83cd4367bedef294fc2972afb63d5c2614585de1
SHA256

37db94399897420b2eb7d682a09ad1b7723ffe64be279225be7071f2163c2197
SHA512

0116e5a187746daedac055e5f34b790d4db8cfc5a331d8765c7b297822b76d0246eca997dc9e2439eacdeb6ef3d74d587a4926ce44c73f8ef527f818f289aa3e
SSDEEP

12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hx:mZ1xuVVjfFoynPaVBUR8f+kN10EBH

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-NN77CD6

Attributes

gencode
rQg27lgnvQSJ
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  37db94399897420b2eb7d682a09ad1b7723ffe64be279225be7071f2163c2197
- Size
  
  658KB
- MD5
  
  da4e1a6a7d5036d0bf518da37b6e5b06
- SHA1
  
  83cd4367bedef294fc2972afb63d5c2614585de1
- SHA256
  
  37db94399897420b2eb7d682a09ad1b7723ffe64be279225be7071f2163c2197
- SHA512
  
  0116e5a187746daedac055e5f34b790d4db8cfc5a331d8765c7b297822b76d0246eca997dc9e2439eacdeb6ef3d74d587a4926ce44c73f8ef527f818f289aa3e
- SSDEEP
  
  12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hx:mZ1xuVVjfFoynPaVBUR8f+kN10EBH
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan