darkcomet | 6168aa99561fa3e752cdf71c92dd62ca5d67845dd59b1d6ade6dee81e33ed9ec | Triage

Sharing

General

Target

6168aa99561fa3e752cdf71c92dd62ca5d67845dd59b1d6ade6dee81e33ed9ec
Size

743KB
Sample

221205-xspt1sgb63
MD5

f9a4039de5ab09f45ab1047cfdd1385e
SHA1

3cad9077076e98212ebefb66e73125e7cf744d37
SHA256

6168aa99561fa3e752cdf71c92dd62ca5d67845dd59b1d6ade6dee81e33ed9ec
SHA512

fa08facc2d0f38d4c90347f077c2a6e366520af8554414966e512562058085e4e12d1f133300041773aee0294ceeee23a297203516d1801507ce90754e615c66
SSDEEP

12288:39HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFNri9m9yO:RiBIGkbxqEcjsWiDxguehC2S19m9yO

Score

10^/10

darkcomet multibot rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Multibot

C2

isayz.no-ip.info:1604

Mutex

DC_MUTEX-U7KG28Z

Attributes

gencode
86UAZckbJfo0
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  6168aa99561fa3e752cdf71c92dd62ca5d67845dd59b1d6ade6dee81e33ed9ec
- Size
  
  743KB
- MD5
  
  f9a4039de5ab09f45ab1047cfdd1385e
- SHA1
  
  3cad9077076e98212ebefb66e73125e7cf744d37
- SHA256
  
  6168aa99561fa3e752cdf71c92dd62ca5d67845dd59b1d6ade6dee81e33ed9ec
- SHA512
  
  fa08facc2d0f38d4c90347f077c2a6e366520af8554414966e512562058085e4e12d1f133300041773aee0294ceeee23a297203516d1801507ce90754e615c66
- SSDEEP
  
  12288:39HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFNri9m9yO:RiBIGkbxqEcjsWiDxguehC2S19m9yO
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

multibotdarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan