darkcomet | 3e10c254d6536cc63d286b53abfebbf53785e6509ae9fb569920747d379936f6 | Triage

Sharing

General

Target

tmp
Size

658KB
Sample

230223-ss9rzaab6w
MD5

5c0227204548c5a768c2e11da02ff774
SHA1

b6e0a2fe0dc36d55b89253cf0590434647fd96b4
SHA256

3e10c254d6536cc63d286b53abfebbf53785e6509ae9fb569920747d379936f6
SHA512

3fbc32d85363147d695d0e160d599544255ef63a27abbfa9d5636b936d531b69b493410d3a1f785b5870670a75094c08411707b48c264b21942601f7959a3f93
SSDEEP

12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/ho:WZ1xuVVjfFoynPaVBUR8f+kN10EBO

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

80.85.154.180:1456

Mutex

DC_MUTEX-NFTBT53

Attributes

gencode
07w1VPGRR8fc
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  tmp
- Size
  
  658KB
- MD5
  
  5c0227204548c5a768c2e11da02ff774
- SHA1
  
  b6e0a2fe0dc36d55b89253cf0590434647fd96b4
- SHA256
  
  3e10c254d6536cc63d286b53abfebbf53785e6509ae9fb569920747d379936f6
- SHA512
  
  3fbc32d85363147d695d0e160d599544255ef63a27abbfa9d5636b936d531b69b493410d3a1f785b5870670a75094c08411707b48c264b21942601f7959a3f93
- SSDEEP
  
  12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/ho:WZ1xuVVjfFoynPaVBUR8f+kN10EBO
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan