darkcomet | c2a89abace500e1cd78481e2590c0403f0dd1eb5df4ef0120f51e4d89fb20203 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2a89abace500e1cd78481e2590c0403f0dd1eb5df4ef0120f51e4d89fb20203
Size

1.8MB
Sample

221204-cz1vmshg22
MD5

89783ca33e2fbe4f121c7784a18ce693
SHA1

47d727f35c802fa9a66713fff0a43b6fc1db73e8
SHA256

c2a89abace500e1cd78481e2590c0403f0dd1eb5df4ef0120f51e4d89fb20203
SHA512

cde04a8c32247c444df0fabc1c25c663fdda7d2e96a6799f5adf16c499e1f0006771a63de1decc7a6f1d44515d455ccb32123d2bcbf0972abfde682626b60209
SSDEEP

49152:fiDQLla9zhTig0+8FDHIu3i3+u9R0u+MMp7OE:qDQYrmHxi3+uX3+MwZ

Score

10^/10

darkcomet rat trojan

Malware Config

Targets

- Target
  
  c2a89abace500e1cd78481e2590c0403f0dd1eb5df4ef0120f51e4d89fb20203
- Size
  
  1.8MB
- MD5
  
  89783ca33e2fbe4f121c7784a18ce693
- SHA1
  
  47d727f35c802fa9a66713fff0a43b6fc1db73e8
- SHA256
  
  c2a89abace500e1cd78481e2590c0403f0dd1eb5df4ef0120f51e4d89fb20203
- SHA512
  
  cde04a8c32247c444df0fabc1c25c663fdda7d2e96a6799f5adf16c499e1f0006771a63de1decc7a6f1d44515d455ccb32123d2bcbf0972abfde682626b60209
- SSDEEP
  
  49152:fiDQLla9zhTig0+8FDHIu3i3+u9R0u+MMp7OE:qDQYrmHxi3+uX3+MwZ
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan