General

  • Target

    3f4f6c76d2eaf1604d0e9d8c446c5bb3

  • Size

    659KB

  • Sample

    240103-3j5f1afab2

  • MD5

    3f4f6c76d2eaf1604d0e9d8c446c5bb3

  • SHA1

    1374d8b1266809f280bf9dffcad4e260b4ee2ce7

  • SHA256

    e07662fb37b6e105c2e5dc7537bc15e57eb956a8782f192369f2c44a041cbc64

  • SHA512

    f683ed32c55fee93ed743df4ae0b739c0ae0f99f70ac8ef7714796c6fc1314e4a46269dd8cff8f817bdd5c910b5eaa7aa13f7a364c56ec8cd5ea91d9a154d9b5

  • SSDEEP

    12288:EsKF7AyRduBQDE95ZKoeY/bzN/Uy+8M3sLR4Xu:EDF7AyPZDk5YovDzNMy+8xRQu

Score
10/10

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
