General

  • Target

    2a27e1bf3054ed3419dce0040b5e5671

  • Size

    235KB

  • Sample

    231231-f8ynesgfg5

  • MD5

    2a27e1bf3054ed3419dce0040b5e5671

  • SHA1

    10af5ff9c7b622f835236640498e32bbdb3d7c84

  • SHA256

    e971bba2a884dbbbd5e9d4859522232170b4d4678c84214293d772aa07dacf59

  • SHA512

    02cc1860b90687618eb8686438d37d5a9955ed335188ea553cc36e5709ed6223b83dad5408b409560bd501395b41da9f3d6ffcf42fa59317601fae40174f5b86

  • SSDEEP

    6144:imDUj24gqU85IzrFA9NfmDuLpNr5NhWudrWDhSG:iqUj2LkizrzDujVNhWucD4G

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

BOT

C2

dctexh.zapto.org:21

Mutex

DC_MUTEX-7WCDBD6

Attributes
  • gencode

    4yFpatnwhkXC

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Target

      2a27e1bf3054ed3419dce0040b5e5671

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
