darkcomet | efa5d268afc29d36341f62507ed86aa830452b329d75cb0f70d55c55165c06f6 | Triage

Sharing

General

Target

efa5d268afc29d36341f62507ed86aa830452b329d75cb0f70d55c55165c06f6
Size

756KB
Sample

221201-acr8wabh6t
MD5

61109a5154ff42d0ea13218c8a445db5
SHA1

e183e30af4bcbaa83a06d1e6b8edf3feb5e04524
SHA256

efa5d268afc29d36341f62507ed86aa830452b329d75cb0f70d55c55165c06f6
SHA512

c416de5946b86dc0988192e378db4ed635a98bda479d1d00214b5e814b5b58be843de40afe97b48d2b2ea62f182fc20d4a71ccb065f48db05b675b1c49c9570c
SSDEEP

12288:v9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hmKlKebJ4:ZZ1xuVVjfFoynPaVBUR8f+kN10EB4hv

Score

10^/10

darkcomet test rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

test

C2

jnyn-99.no-ip.org:81

Mutex

DC_MUTEX-WK4BRVV

Attributes

gencode
0n0KjWQxljuz
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  efa5d268afc29d36341f62507ed86aa830452b329d75cb0f70d55c55165c06f6
- Size
  
  756KB
- MD5
  
  61109a5154ff42d0ea13218c8a445db5
- SHA1
  
  e183e30af4bcbaa83a06d1e6b8edf3feb5e04524
- SHA256
  
  efa5d268afc29d36341f62507ed86aa830452b329d75cb0f70d55c55165c06f6
- SHA512
  
  c416de5946b86dc0988192e378db4ed635a98bda479d1d00214b5e814b5b58be843de40afe97b48d2b2ea62f182fc20d4a71ccb065f48db05b675b1c49c9570c
- SSDEEP
  
  12288:v9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hmKlKebJ4:ZZ1xuVVjfFoynPaVBUR8f+kN10EB4hv
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan