darkcomet | ca0484b094225cfbcf97cc0a279be5b7aa156f95ff3e5f768655301c4b48fe01 | Triage

Sharing

General

Target

ca0484b094225cfbcf97cc0a279be5b7aa156f95ff3e5f768655301c4b48fe01
Size

658KB
Sample

221123-s7ns2sgc7v
MD5

f630c31d7a3a9d4aab32187928a2a27f
SHA1

58f9719bf9a7512ddd70c2e8cdd28189898b8231
SHA256

ca0484b094225cfbcf97cc0a279be5b7aa156f95ff3e5f768655301c4b48fe01
SHA512

1389a79b06e7c7eddd82cc58db3b9e01719a4315d820652867a0b97ead8ef95423a0a16d5cae0b9ff43af54308bb50fe289dc84efe8c2157d00571482538e7a0
SSDEEP

12288:O9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFG:aiBIGkbxqEcjsWiDxguehC2SR

Score

10^/10

darkcomet turkish rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Turkish

C2

darkcomentturkish.no-ip.biz:50468

Mutex

DC_MUTEX-1NMBKHR

Attributes

gencode
w2ZScjgPCnZT
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  ca0484b094225cfbcf97cc0a279be5b7aa156f95ff3e5f768655301c4b48fe01
- Size
  
  658KB
- MD5
  
  f630c31d7a3a9d4aab32187928a2a27f
- SHA1
  
  58f9719bf9a7512ddd70c2e8cdd28189898b8231
- SHA256
  
  ca0484b094225cfbcf97cc0a279be5b7aa156f95ff3e5f768655301c4b48fe01
- SHA512
  
  1389a79b06e7c7eddd82cc58db3b9e01719a4315d820652867a0b97ead8ef95423a0a16d5cae0b9ff43af54308bb50fe289dc84efe8c2157d00571482538e7a0
- SSDEEP
  
  12288:O9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFG:aiBIGkbxqEcjsWiDxguehC2SR
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

turkishdarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan