darkcomet | 22cd06dcc778f91c3a61df3021413943a4d31d13156eea60e68cb048b79789cd | Triage

Sharing

General

Target

26700ee6548ebd591e29a840f809c6be
Size

303KB
Sample

231225-r28etscgh2
MD5

26700ee6548ebd591e29a840f809c6be
SHA1

fc475a65d63f69fc9463860215119fa0d4a18d97
SHA256

22cd06dcc778f91c3a61df3021413943a4d31d13156eea60e68cb048b79789cd
SHA512

0d55d5bdc24e998a19ffbb01e97f399af68c542739ad07a238cf2e37b089affe6d2c16eb98fff4659b17582dc506e6e3622ac1aeeb933f2e47abb76b790b6d5e
SSDEEP

6144:4ZkFT/GI9PHxIpbQLvfXZP1/Sg1sgXXp7zpaAy:4md+I9PHxIeHpPMg1R7laAy

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:81

Mutex

DC_MUTEX-B2ZNMAP

Attributes

gencode
R7dNoFBljKP6
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  26700ee6548ebd591e29a840f809c6be
- Size
  
  303KB
- MD5
  
  26700ee6548ebd591e29a840f809c6be
- SHA1
  
  fc475a65d63f69fc9463860215119fa0d4a18d97
- SHA256
  
  22cd06dcc778f91c3a61df3021413943a4d31d13156eea60e68cb048b79789cd
- SHA512
  
  0d55d5bdc24e998a19ffbb01e97f399af68c542739ad07a238cf2e37b089affe6d2c16eb98fff4659b17582dc506e6e3622ac1aeeb933f2e47abb76b790b6d5e
- SSDEEP
  
  6144:4ZkFT/GI9PHxIpbQLvfXZP1/Sg1sgXXp7zpaAy:4md+I9PHxIeHpPMg1R7laAy
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan