darkcomet | 90b39460245926d4f5d7dc1fc718c1e922553360e9211c4349d82c568cb94ea2 | Triage

Sharing

General

Target

90b39460245926d4f5d7dc1fc718c1e922553360e9211c4349d82c568cb94ea2
Size

658KB
Sample

221201-lx88nsbe2w
MD5

d131b9cc9a6f1ca0f244d29b7658667e
SHA1

ee16bf6f3da40a7e9db400135c666f0e2d393d6a
SHA256

90b39460245926d4f5d7dc1fc718c1e922553360e9211c4349d82c568cb94ea2
SHA512

7b678512badb4f7749b890c330db65f34fffe35903078266524d614385bd147adbd6765ee91d64ab306b10ef776190320d3d0c49b3f0b757e3aaef49ea81a776
SSDEEP

12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hb:GZ1xuVVjfFoynPaVBUR8f+kN10EBp

Score

10^/10

darkcomet main rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Main

C2

testrat137.no-ip.org:1604

Mutex

DC_MUTEX-CA7M5NC

Attributes

gencode
vL3Ee6l4q8TQ
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  90b39460245926d4f5d7dc1fc718c1e922553360e9211c4349d82c568cb94ea2
- Size
  
  658KB
- MD5
  
  d131b9cc9a6f1ca0f244d29b7658667e
- SHA1
  
  ee16bf6f3da40a7e9db400135c666f0e2d393d6a
- SHA256
  
  90b39460245926d4f5d7dc1fc718c1e922553360e9211c4349d82c568cb94ea2
- SHA512
  
  7b678512badb4f7749b890c330db65f34fffe35903078266524d614385bd147adbd6765ee91d64ab306b10ef776190320d3d0c49b3f0b757e3aaef49ea81a776
- SSDEEP
  
  12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hb:GZ1xuVVjfFoynPaVBUR8f+kN10EBp
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan