darkcomet | dac2a692d6a98391dabd9e46ad4fc1e415fcf7113f89788c0fded901e4ad5123 | Triage

Sharing

General

Target

dac2a692d6a98391dabd9e46ad4fc1e415fcf7113f89788c0fded901e4ad5123
Size

900KB
Sample

221203-v8q1xabc92
MD5

fbee6c6ea4d85561fcaf47a163927c18
SHA1

7211b7fab76c9b3755d8ae13912d78cdbeae7a7b
SHA256

dac2a692d6a98391dabd9e46ad4fc1e415fcf7113f89788c0fded901e4ad5123
SHA512

05e40ba134fd7b528ac9bf1ed3eec331e5eec82c1385c68511edc189e1853866331eda20f97e48b28d7fb9d9f17e1136641e290785d607b2c27a3c94e220c225
SSDEEP

12288:wdnoRlSN2qtCyYbFxxhAoWTZxXimszWSUMBT+lYIaNB+ud4+AU1+LDbsNEYZHuB2:lWkqtCyYbsrXPgG3i+udNFMYElBJQ

Score

10^/10

darkcomet rat trojan

Malware Config

Targets

- Target
  
  dac2a692d6a98391dabd9e46ad4fc1e415fcf7113f89788c0fded901e4ad5123
- Size
  
  900KB
- MD5
  
  fbee6c6ea4d85561fcaf47a163927c18
- SHA1
  
  7211b7fab76c9b3755d8ae13912d78cdbeae7a7b
- SHA256
  
  dac2a692d6a98391dabd9e46ad4fc1e415fcf7113f89788c0fded901e4ad5123
- SHA512
  
  05e40ba134fd7b528ac9bf1ed3eec331e5eec82c1385c68511edc189e1853866331eda20f97e48b28d7fb9d9f17e1136641e290785d607b2c27a3c94e220c225
- SSDEEP
  
  12288:wdnoRlSN2qtCyYbFxxhAoWTZxXimszWSUMBT+lYIaNB+ud4+AU1+LDbsNEYZHuB2:lWkqtCyYbsrXPgG3i+udNFMYElBJQ
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan