General
-
Target
5593d25697e1ca127dd3ea72ef86a1df14ebcef6dab7f06da9ed3c8104c4db11
-
Size
1.1MB
-
Sample
221124-cnxc3sba38
-
MD5
a69d7489bf86c0bcc6bf5b8a084ae781
-
SHA1
89bd2b4f2aa013c7babcaf0fa35991cefd81b8da
-
SHA256
5593d25697e1ca127dd3ea72ef86a1df14ebcef6dab7f06da9ed3c8104c4db11
-
SHA512
937532d1018aa37e5c512067b3a52ddf3c6ff6f3f6ec883866e3a32b1615d9cbbc34483107d5db17f441454d15fcd9f4aa2ac4c17b3cfc58eecd2a9d6b8efb8b
-
SSDEEP
12288:YNazwlQZGxtBB5rnYOvhzmT9venv4Fiq271BQ6qG/31kfVvU+42j8j9:YNqMQZI6Ove4nBBj1QP4g49
Malware Config
Extracted
darkcomet
Newest11
numberoneminecraft.serveminecraft.net:9001
DC_MUTEX-NU7E6HS
-
gencode
tlNkFNx3gjhk
-
install
false
-
offline_keylogger
false
-
persistence
false
Targets
-
-
Target
5593d25697e1ca127dd3ea72ef86a1df14ebcef6dab7f06da9ed3c8104c4db11
-
Size
1.1MB
-
MD5
a69d7489bf86c0bcc6bf5b8a084ae781
-
SHA1
89bd2b4f2aa013c7babcaf0fa35991cefd81b8da
-
SHA256
5593d25697e1ca127dd3ea72ef86a1df14ebcef6dab7f06da9ed3c8104c4db11
-
SHA512
937532d1018aa37e5c512067b3a52ddf3c6ff6f3f6ec883866e3a32b1615d9cbbc34483107d5db17f441454d15fcd9f4aa2ac4c17b3cfc58eecd2a9d6b8efb8b
-
SSDEEP
12288:YNazwlQZGxtBB5rnYOvhzmT9venv4Fiq271BQ6qG/31kfVvU+42j8j9:YNqMQZI6Ove4nBBj1QP4g49
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-