Extracted

• • Target

    0b85a3a2a0bb71f4a131d276f1fe8d4c13bac9b6307d9eb96670e9ced1e2620a

  • Size

    943KB

  • MD5

    0d7d7429425801971b952d95ac69bf79

  • SHA1

    812ce1d1e71dd0ca962687705530f6bc4be9fd84

  • SHA256

    0b85a3a2a0bb71f4a131d276f1fe8d4c13bac9b6307d9eb96670e9ced1e2620a

  • SHA512

    d254f16d0e12206b913fa038a8263e8ee7eb37216064d3ff4bda7da8f397a8746ab079fe417ba2faefd6a648bdda54f2301422c2d248a22b656130870b2105ae

  • SSDEEP

    24576:cBoWFTCn5Dn8RCOTwv9UA2d0pAEnR4DlHWQig:EFTS8BK+A+0pAY6DlHWQig

  Score

  10^/10

  darkcometguest16persistencerattrojan

  • Darkcomet

    DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    trojanratdarkcomet

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2