General

  • Target

    506cd4060a793c9b081993b32a6937b97bdc56768e9d3556709bc0821c3bd568

  • Size

    1.4MB

  • Sample

    221123-s6xpkadb83

  • MD5

    904160993f2b501e484ca4fb8b265426

  • SHA1

    6503d217d420da180403d3fc7481cdfdb6f8f56f

  • SHA256

    506cd4060a793c9b081993b32a6937b97bdc56768e9d3556709bc0821c3bd568

  • SHA512

    b7dbce068258e42e08c76b0d6561157d8cb3389cab3d4fb51a0696d235d9491e1e3da4401ef452a3a29ffb73e87765c59b3da1d357df3c76acd1aec5a2008abb

  • SSDEEP

    24576:e4lavt0LkLL9IMixoEgeaT6c1tq4jXLtRW+iqDjSilectBq9MmCS:Jkwkn9IMHeaT6a86X9HSSbaPCS

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
