darkcomet | 683b475415004f97043786bd1929245747d0944264f3382e7c33213dcf496de2 | Triage

Sharing

General

Target

683b475415004f97043786bd1929245747d0944264f3382e7c33213dcf496de2
Size

660KB
Sample

230130-e4js2aaf9y
MD5

14ca3c71ce2ce0e25f1a3a517d09ce20
SHA1

3192ac5e494d54eda88e762e7965e75f5760b6ca
SHA256

683b475415004f97043786bd1929245747d0944264f3382e7c33213dcf496de2
SHA512

4c1f9621ff48f4c02a07b7cd9d86962532a3c30ed0140e4b8c70222f8734bee142d56e44e205c43d48333b4310cfb9548d6804d42491da085163b22317393d92
SSDEEP

12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Uw:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JA

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

192.168.2.140:1604

Mutex

DCMIN_MUTEX-0R8E3Q8

Attributes

gencode
Wl5HqbED3MRQ
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  683b475415004f97043786bd1929245747d0944264f3382e7c33213dcf496de2
- Size
  
  660KB
- MD5
  
  14ca3c71ce2ce0e25f1a3a517d09ce20
- SHA1
  
  3192ac5e494d54eda88e762e7965e75f5760b6ca
- SHA256
  
  683b475415004f97043786bd1929245747d0944264f3382e7c33213dcf496de2
- SHA512
  
  4c1f9621ff48f4c02a07b7cd9d86962532a3c30ed0140e4b8c70222f8734bee142d56e44e205c43d48333b4310cfb9548d6804d42491da085163b22317393d92
- SSDEEP
  
  12288:wXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452Uw:WnAw2WWeFcfbP9VPSPMTSPL/rWvzq4JA
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16_mindarkcomet

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan