darkcomet | bccd08cf68861ec86644562ec00189e08d8dc7914627832b048d24d9cac5ac55 | Triage

Sharing

General

Target

tmp
Size

658KB
Sample

230223-swc76sab7t
MD5

b777226ef93acdb168980bbca82a48fe
SHA1

63f5d32829c11d691825fe89fc2d6e14b0f42005
SHA256

bccd08cf68861ec86644562ec00189e08d8dc7914627832b048d24d9cac5ac55
SHA512

5ab8ec4ece54a0bb6effb4750002e12953552ca8d3d67c4f1b4591fd36b0d3cf3ceddc398008dc34aad0973be64050a012c0d5a2ead9c1a22be68ad056333a37
SSDEEP

12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hs:OZ1xuVVjfFoynPaVBUR8f+kN10EBS

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

80.85.156.184:1456

Mutex

DCMIN_MUTEX-9T0ASAZ

Attributes

gencode
zJcL2UknxQMT
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  tmp
- Size
  
  658KB
- MD5
  
  b777226ef93acdb168980bbca82a48fe
- SHA1
  
  63f5d32829c11d691825fe89fc2d6e14b0f42005
- SHA256
  
  bccd08cf68861ec86644562ec00189e08d8dc7914627832b048d24d9cac5ac55
- SHA512
  
  5ab8ec4ece54a0bb6effb4750002e12953552ca8d3d67c4f1b4591fd36b0d3cf3ceddc398008dc34aad0973be64050a012c0d5a2ead9c1a22be68ad056333a37
- SSDEEP
  
  12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hs:OZ1xuVVjfFoynPaVBUR8f+kN10EBS
Score

10^/10

darkcomet guest16_min rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

guest16_mindarkcomet

behavioral1

darkcometguest16_minrattrojan

behavioral2

darkcometguest16_minrattrojan