darkcomet | 9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325 | Triage

Submit
Reports

Overview

overview

Static

static

9476a03388...25.exe

windows7-x64

9476a03388...25.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325
Size

349KB
Sample

221205-xsxvmabb5t
MD5

dc088f5010df5c7dfd18a66cd77a3a64
SHA1

b6465d7ba695c0d3c8f73c0d98d6470e6d2cf2c4
SHA256

9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325
SHA512

d7beeb47b29395d3fc87ba71ca72bf2ab5a05f0defa689401cc9ec64344c21508ee18f7b9fc579be089646e00b2e25e545ff52a6ae147d157c2447df42110f55
SSDEEP

6144:WcNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37BjuKTxapkaRTiq9aH:WcW7KEZlPzCy37Na2aRTiua

Score

10^/10

darkcomet guest16 rat trojan upx

Static task

static1

upx guest16 darkcomet

2 signatures

Behavioral task

behavioral1

Sample

9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325.exe

Resource

win7-20220812-en

darkcomet guest16 rat trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325.exe

Resource

win10v2004-20221111-en

darkcomet guest16 rat trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

stg-0.no-ip.info:1604

Mutex

DC_MUTEX-ZLHTL8B

Attributes

gencode
YL2Jvry3giXG
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325
- Size
  
  349KB
- MD5
  
  dc088f5010df5c7dfd18a66cd77a3a64
- SHA1
  
  b6465d7ba695c0d3c8f73c0d98d6470e6d2cf2c4
- SHA256
  
  9476a03388d4430be210aa585ee5de0d23e04496565415f355693c2ca1799325
- SHA512
  
  d7beeb47b29395d3fc87ba71ca72bf2ab5a05f0defa689401cc9ec64344c21508ee18f7b9fc579be089646e00b2e25e545ff52a6ae147d157c2447df42110f55
- SSDEEP
  
  6144:WcNYS996KFifeVjBpeExgVTFSXFoMc5RhCaL37BjuKTxapkaRTiq9aH:WcW7KEZlPzCy37Na2aRTiua
Score

10^/10

darkcomet guest16 rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

upxguest16darkcomet

behavioral1

darkcometguest16rattrojanupx

behavioral2

darkcometguest16rattrojanupx

© 2018-2025

Terms | Privacy