darkcomet | 63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1 | Triage

Sharing

General

Target

63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
Size

644KB
Sample

221201-lyjdmsbe4t
MD5

d3e7305fd210a0d1e5c35599d295a4d1
SHA1

abbc3d77fbf0aee002829b91a66affb9d8c58959
SHA256

63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
SHA512

13c2187b427edc798ef9dcc9d012fe5113259ffd19a32f3aa94c3de513aef82694e202119d73ee9f3d65b6fa107d82fc2ebbedd1dbb03af380150c133ec8b478
SSDEEP

12288:J9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:TZ1xuVVjfFoynPaVBUR8f+kN10EB

Score

10^/10

darkcomet zombie rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Zombie

C2

y29kzv93yxjfnta5.no-ip.org:500

Mutex

DC_MUTEX-VFVGQGF

Attributes

gencode
6hYEgFhMDA0h
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
- Size
  
  644KB
- MD5
  
  d3e7305fd210a0d1e5c35599d295a4d1
- SHA1
  
  abbc3d77fbf0aee002829b91a66affb9d8c58959
- SHA256
  
  63308e54cf88216e9e2398cb848a02cdda578c9e7de9ba527382390401c5c4f1
- SHA512
  
  13c2187b427edc798ef9dcc9d012fe5113259ffd19a32f3aa94c3de513aef82694e202119d73ee9f3d65b6fa107d82fc2ebbedd1dbb03af380150c133ec8b478
- SSDEEP
  
  12288:J9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h:TZ1xuVVjfFoynPaVBUR8f+kN10EB
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

zombiedarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan