darkcomet | 9a7a2fa7fd9a752cc1f0e264e11765098e9308db0b42c6a252f336c13e1d23e0 | Triage

Sharing

General

Target

9a7a2fa7fd9a752cc1f0e264e11765098e9308db0b42c6a252f336c13e1d23e0
Size

7.2MB
Sample

221125-h7y9nsec2y
MD5

827f6fb0a7e2752eb9579d948bff7951
SHA1

1002f68f7ad6565284516a77edb020644780ea45
SHA256

9a7a2fa7fd9a752cc1f0e264e11765098e9308db0b42c6a252f336c13e1d23e0
SHA512

45147abd30ef7b30884c10ddf87301dd328289097169b0c8e0a2ea1cccf3fa13008a5b3868252c17ee9187b44bb0593799e772fb280d2e3a4bccb25c1c17f1dc
SSDEEP

196608:FxXYlCIZID4cVsgYBb/p1BA2F3qzPKpVKfu2XJV4jZb9zCjb5k3:FVf9YhBrKPEEXHEb1UW

Score

10^/10

darkcomet neshta pony persistence rat spyware stealer trojan

Malware Config

Extracted

Family

pony

C2

http://pelehaty.netai.net/gate.php

Targets

- Target
  
  9a7a2fa7fd9a752cc1f0e264e11765098e9308db0b42c6a252f336c13e1d23e0
- Size
  
  7.2MB
- MD5
  
  827f6fb0a7e2752eb9579d948bff7951
- SHA1
  
  1002f68f7ad6565284516a77edb020644780ea45
- SHA256
  
  9a7a2fa7fd9a752cc1f0e264e11765098e9308db0b42c6a252f336c13e1d23e0
- SHA512
  
  45147abd30ef7b30884c10ddf87301dd328289097169b0c8e0a2ea1cccf3fa13008a5b3868252c17ee9187b44bb0593799e772fb280d2e3a4bccb25c1c17f1dc
- SSDEEP
  
  196608:FxXYlCIZID4cVsgYBb/p1BA2F3qzPKpVKfu2XJV4jZb9zCjb5k3:FVf9YhBrKPEEXHEb1UW
Score

10^/10

darkcomet neshta pony persistence rat spyware stealer trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Detect Neshta payload
- Neshta
  Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
  persistence spyware neshta
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometneshtaponypersistenceratspywarestealertrojan

behavioral2