darkcomet | e083f87f2e1b7d29700705f851c3d84e8e38d41ea44213b2b06c31057a46173f | Triage

Sharing

General

Target

e083f87f2e1b7d29700705f851c3d84e8e38d41ea44213b2b06c31057a46173f
Size

681KB
Sample

230130-e4hkzaaf9w
MD5

27add3faa0e0fea2bb56df4740650f90
SHA1

1b275adf0315d78a66a92f8da79e894cef58c9c8
SHA256

e083f87f2e1b7d29700705f851c3d84e8e38d41ea44213b2b06c31057a46173f
SHA512

c3fc386ee8f5c834427fa6afa78ffac31e0b92888da189c26c26be29aa4ec02f718a0c4342ec46e342222ad8ab878e2e730fb4c6e90542ccc56265d2254385df
SSDEEP

12288:ck0QNlxOnizg37k4LUSd0rv5WvYW5HMzLXj9pqQd7cqESAYi991fA/aVJL:90QpGih4bd0rv5+l5szLXj917cqPu911

Score

10^/10

darkcomet yahoo rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Yahoo

C2

hunter128.no-ip.org:1604

Mutex

DC_MUTEX-2NDATS9

Attributes

gencode
QVriKmdqWjcu
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  e083f87f2e1b7d29700705f851c3d84e8e38d41ea44213b2b06c31057a46173f
- Size
  
  681KB
- MD5
  
  27add3faa0e0fea2bb56df4740650f90
- SHA1
  
  1b275adf0315d78a66a92f8da79e894cef58c9c8
- SHA256
  
  e083f87f2e1b7d29700705f851c3d84e8e38d41ea44213b2b06c31057a46173f
- SHA512
  
  c3fc386ee8f5c834427fa6afa78ffac31e0b92888da189c26c26be29aa4ec02f718a0c4342ec46e342222ad8ab878e2e730fb4c6e90542ccc56265d2254385df
- SSDEEP
  
  12288:ck0QNlxOnizg37k4LUSd0rv5WvYW5HMzLXj9pqQd7cqESAYi991fA/aVJL:90QpGih4bd0rv5+l5szLXj917cqPu911
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan