darkcomet | c89ce9d31d3787924fdcd8f4ff75a9b8858bf8ce3094b8897c681377ecd0e76f | Triage

Sharing

General

Target

c89ce9d31d3787924fdcd8f4ff75a9b8858bf8ce3094b8897c681377ecd0e76f
Size

315KB
Sample

221203-fshl9sgb76
MD5

fd8a578a4aa1416332dc40d88f12d3ff
SHA1

546db1e24af17b2d0a880b11cc87b703586c38c6
SHA256

c89ce9d31d3787924fdcd8f4ff75a9b8858bf8ce3094b8897c681377ecd0e76f
SHA512

d8419ba367750622eabed27202dcde7013771c56d9545aee3944a8c13d3d0cec95abc9b6298dea43983d3f6c3b204c08c2401ab5a4a05f61256d2a56c4a15381
SSDEEP

6144:cDXxN7UZjTATfwqK+ejy2JMnBReB/oOVbu5AkrhajCZcpR9GT7jCcb0sk8PJ:UxNAFTArwqKy2JMDuoOwgTp3G+Yd

Score

10^/10

darkcomet rat trojan

Malware Config

Targets

- Target
  
  c89ce9d31d3787924fdcd8f4ff75a9b8858bf8ce3094b8897c681377ecd0e76f
- Size
  
  315KB
- MD5
  
  fd8a578a4aa1416332dc40d88f12d3ff
- SHA1
  
  546db1e24af17b2d0a880b11cc87b703586c38c6
- SHA256
  
  c89ce9d31d3787924fdcd8f4ff75a9b8858bf8ce3094b8897c681377ecd0e76f
- SHA512
  
  d8419ba367750622eabed27202dcde7013771c56d9545aee3944a8c13d3d0cec95abc9b6298dea43983d3f6c3b204c08c2401ab5a4a05f61256d2a56c4a15381
- SSDEEP
  
  6144:cDXxN7UZjTATfwqK+ejy2JMnBReB/oOVbu5AkrhajCZcpR9GT7jCcb0sk8PJ:UxNAFTArwqKy2JMDuoOwgTp3G+Yd
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan