darkcomet | 88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c | Triage

Sharing

General

Target

88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
Size

662KB
Sample

221130-1z69esda3v
MD5

1eceb73a32f0a7be6a95878a20cd9f7c
SHA1

114d8b19cf4d911544d211fa286a79e1b710ede7
SHA256

88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
SHA512

cc82cd161101f6e007bcca572c244bbb81e3948b533e9d239f3558c9afe2fd90523c6bcd630969b1085b73a087ff1c0553d77d1f7f154bde8296bd2f3c38f94f
SSDEEP

12288:c3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RO:KOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbw

Score

10^/10

darkcomet freegrime rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Freegrime

C2

applehotel.no-ip.org:100

Mutex

DC_MUTEX-76YKZFB

Attributes

gencode
fokRo1QNqWL0
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
- Size
  
  662KB
- MD5
  
  1eceb73a32f0a7be6a95878a20cd9f7c
- SHA1
  
  114d8b19cf4d911544d211fa286a79e1b710ede7
- SHA256
  
  88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
- SHA512
  
  cc82cd161101f6e007bcca572c244bbb81e3948b533e9d239f3558c9afe2fd90523c6bcd630969b1085b73a087ff1c0553d77d1f7f154bde8296bd2f3c38f94f
- SSDEEP
  
  12288:c3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RO:KOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbw
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

freegrimedarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan