Overview

overview

10

Static

static

10

executable...xe.exe

windows7-x64

10

executable...xe.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    executable300exeexeexeexe.exe

  • Size

    658KB

  • Sample

    230711-kkcs9sgh4y

  • MD5

    57b9308c476e7a443b3a8d6d4844d22c

  • SHA1

    3c2f98bb99a517e0e096009305bc6b1b5b0c1e99

  • SHA256

    25aaa2657e649d8976cb321a6bf63eb56e8451ebde550003ef98782dd1b5ae62

  • SHA512

    4c661130a1cc56d0d6e3a26dfce00cd6397447e3257e20073b003d1a0827a18d225572eeb0572f8bff0450582e49cbdd8bc2d5a7ffbab5edb12667a887c77274

  • SSDEEP

    12288:A9HFJ9rJxq1usonSohLBHARgykNCHP9ISH:kZ1eusloVBgRvkNe/

Score
10/10
darkcometguest16rattrojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

test213.no-ip.info:1604

Mutex

DC_MUTEX-KHNEW06

Attributes
  • InstallPath

    MSDCSC\runddl32.exe

  • gencode

    F6FE8i2BxCpu

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    MicroUpdate

Targets

    • Target

      executable300exeexeexeexe.exe

    • Size

      658KB

    • MD5

      57b9308c476e7a443b3a8d6d4844d22c

    • SHA1

      3c2f98bb99a517e0e096009305bc6b1b5b0c1e99

    • SHA256

      25aaa2657e649d8976cb321a6bf63eb56e8451ebde550003ef98782dd1b5ae62

    • SHA512

      4c661130a1cc56d0d6e3a26dfce00cd6397447e3257e20073b003d1a0827a18d225572eeb0572f8bff0450582e49cbdd8bc2d5a7ffbab5edb12667a887c77274

    • SSDEEP

      12288:A9HFJ9rJxq1usonSohLBHARgykNCHP9ISH:kZ1eusloVBgRvkNe/

    Score
    10/10
    darkcometguest16rattrojan

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

      trojanratdarkcomet
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks