darkcomet | 63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1 | Triage

Sharing

General

Target

63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
Size

644KB
Sample

221201-lyjdmsbe4t
MD5

d3e7305fd210a0d1e5c35599d295a4d1
SHA1

abbc3d77fbf0aee002829b91a66affb9d8c58959
SHA256

63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
SHA512

13c2187b427edc798ef9dcc9d012fe5113259ffd19a32f3aa94c3de513aef82694e202119d73ee9f3d65b6fa107d82fc2ebbedd1dbb03af380150c133ec8b478
SSDEEP

12288:J9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:TZ1xuVVjfFoynPaVBUR8f+kN10EB

Score

10^/10

darkcomet zombie rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Zombie

C2

y29kzv93yxjfnta5.no-ip.org:500

Mutex

DC_MUTEX-VFVGQGF

Attributes

gencode
6hYEgFhMDA0h
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
- Size
  
  644KB
- MD5
  
  d3e7305fd210a0d1e5c35599d295a4d1
- SHA1
  
  abbc3d77fbf0aee002829b91a66affb9d8c58959
- SHA256
  
  63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
- SHA512
  
  13c2187b427edc798ef9dcc9d012fe5113259ffd19a32f3aa94c3de513aef82694e202119d73ee9f3d65b6fa107d82fc2ebbedd1dbb03af380150c133ec8b478
- SSDEEP
  
  12288:J9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:TZ1xuVVjfFoynPaVBUR8f+kN10EB
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

zombiedarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan