General
-
Target
c5a7fcb90e63d1cf98a4052aa20c5b9aef002919206f333fc6c3d0809e8972bf
-
Size
1.1MB
-
Sample
221204-v4b17aee7y
-
MD5
dbfc593199674df4b9db5ae1e2f93897
-
SHA1
4c700c10fd95a68d7e3f661f4ebd788f80e1ce03
-
SHA256
c5a7fcb90e63d1cf98a4052aa20c5b9aef002919206f333fc6c3d0809e8972bf
-
SHA512
1e894994a5edae0e8bc15f0971599cae0fbfb1573fdd4aa483e77897bd3c54c76b8a13d0c73b2127f06844d208e55be78e61e2c8a1bc1acca797634f99a726d2
-
SSDEEP
12288:IvQejwyA0DBRbsGazSViOAe1oY/P4QxFRQuB57wlQ6hVfzc0kWpLquJrIwVIEK2E:eZBiCf8l1J5I83lkj8ROrT
Malware Config
Targets
-
-
Target
c5a7fcb90e63d1cf98a4052aa20c5b9aef002919206f333fc6c3d0809e8972bf
-
Size
1.1MB
-
MD5
dbfc593199674df4b9db5ae1e2f93897
-
SHA1
4c700c10fd95a68d7e3f661f4ebd788f80e1ce03
-
SHA256
c5a7fcb90e63d1cf98a4052aa20c5b9aef002919206f333fc6c3d0809e8972bf
-
SHA512
1e894994a5edae0e8bc15f0971599cae0fbfb1573fdd4aa483e77897bd3c54c76b8a13d0c73b2127f06844d208e55be78e61e2c8a1bc1acca797634f99a726d2
-
SSDEEP
12288:IvQejwyA0DBRbsGazSViOAe1oY/P4QxFRQuB57wlQ6hVfzc0kWpLquJrIwVIEK2E:eZBiCf8l1J5I83lkj8ROrT
Score10/10-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-