darkcomet | 88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c | Triage

Sharing

General

Target

88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
Size

662KB
Sample

221130-1z69esda3v
MD5

1eceb73a32f0a7be6a95878a20cd9f7c
SHA1

114d8b19cf4d911544d211fa286a79e1b710ede7
SHA256

88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
SHA512

cc82cd161101f6e007bcca572c244bbb81e3948b533e9d239f3558c9afe2fd90523c6bcd630969b1085b73a087ff1c0553d77d1f7f154bde8296bd2f3c38f94f
SSDEEP

12288:c3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RO:KOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbw

Score

10^/10

darkcomet freegrime rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Freegrime

C2

applehotel.no-ip.org:100

Mutex

DC_MUTEX-76YKZFB

Attributes

gencode
fokRo1QNqWL0
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
- Size
  
  662KB
- MD5
  
  1eceb73a32f0a7be6a95878a20cd9f7c
- SHA1
  
  114d8b19cf4d911544d211fa286a79e1b710ede7
- SHA256
  
  88b5011527d93d7518bde32a98b8ce0365e184f97fc467901e5084d20711816c
- SHA512
  
  cc82cd161101f6e007bcca572c244bbb81e3948b533e9d239f3558c9afe2fd90523c6bcd630969b1085b73a087ff1c0553d77d1f7f154bde8296bd2f3c38f94f
- SSDEEP
  
  12288:c3OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RO:KOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgbw
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

freegrimedarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan