darkcomet | 6dab7f46d13970c672437ddd1e6dbc9e0895b444af21e172e4caa992674747e0 | Triage

Sharing

General

Target

50f85d1218bfd78cbc9b9a3b2ae27e0d
Size

794KB
Sample

231226-d6yvasgedk
MD5

50f85d1218bfd78cbc9b9a3b2ae27e0d
SHA1

4f28fbbf73bbb102896ca5aee0a259ef313e5cab
SHA256

6dab7f46d13970c672437ddd1e6dbc9e0895b444af21e172e4caa992674747e0
SHA512

62c76ee3c0a7ed11a75b413ae2b1f90430eac8a9676f7aeea54481606f0fe537150a4e7b52f0270ae3de74357f21dbc28f9c78e852db0b040cde0e448f40ffad
SSDEEP

24576:pAu2fGoX3NhLAuw593fLsebFAuw593fLsebX:pAu2fX7Aum9fIexAum9fIeT

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

192.168.1.2:1604

Mutex

DCMIN_MUTEX-ZKRQG0X

Attributes

gencode
tt0A9tl5EFbu
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  Transformice Fly hack.exe
- Size
  
  658KB
- MD5
  
  94bc2f5c004b0e3ab6c0262cba80fc4a
- SHA1
  
  600a4f9dc5cef58c76753d268a61069fe17fdb13
- SHA256
  
  6d918db4317392ff40e1fb8458cacbdae76c2c1fe46c7b20e95ffc37a221669c
- SHA512
  
  8259ab9a96709ea714a9121db5d583d7be7d416e607dddb2ef651cb7b8872675f3636e028ad39cf7854dac0990c69f214ad844dac534ad6b71789bd0cbd589c9
- SSDEEP
  
  12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hF:mZ1xuVVjfFoynPaVBUR8f+kN10EB7
Score

1^/10
behavioral1 behavioral2
- Target
  
  Transformice Teleport hack..exe
- Size
  
  658KB
- MD5
  
  8b8466ad3a4ba525bf8e1ed2f8653d80
- SHA1
  
  3c85a8996aaceec72dee3af63d3a26d4db1254d8
- SHA256
  
  850689c77d3db140b2074917fbcb4fde2d1fb3a60b2059e8eac68cf80be13a42
- SHA512
  
  9ae2b95255750a97f0df07f724b29022ad91434ea8f39a0b59f79be39ac35a9b5707303c7ad644fecb7bb68e0018bb5d80aec9fa7229e630ae62082e02577b10
- SSDEEP
  
  12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hz:mZ1xuVVjfFoynPaVBUR8f+kN10EB9
Score

10^/10

darkcomet guest16_min rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral3 behavioral4
- Target
  
  Transformice matrix HACK.exe
- Size
  
  658KB
- MD5
  
  df16fa81c86cf94f269b0ecca784cca2
- SHA1
  
  7a2222615fd03f2ec8d040e73739d92581f6a10d
- SHA256
  
  c6f320370667482214650ef753ab25c66760a92c167d6e17b3ab5ae8cf9f1649
- SHA512
  
  171dff1163273d995e82e3956e926df2c3308c2baf64757fde2e60fd6ace6ebea30e024e52f5524bc107852df629b5ffe7c6a0541c6a4e8980f0058248af4802
- SSDEEP
  
  12288:q9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hj:mZ1xuVVjfFoynPaVBUR8f+kN10EBB
Score

10^/10

darkcomet guest16_min rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral5 behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16_mindarkcomet

behavioral1

behavioral2

behavioral3

behavioral4

darkcometguest16_minrattrojan

behavioral5

darkcometguest16_minrattrojan

behavioral6

darkcometguest16_minrattrojan