darkcomet | 9acf51dc2335f76d4ea2421874661730b4d6283495874194f6efeb5a49ed9ea6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67daefba200429d22426a6cb8c1f0194
Size

143KB
Sample

240119-rt3jlsgch4
MD5

67daefba200429d22426a6cb8c1f0194
SHA1

a8533fc067b8eb6d1a3a5fc5d68450732bcb5a39
SHA256

9acf51dc2335f76d4ea2421874661730b4d6283495874194f6efeb5a49ed9ea6
SHA512

dd9c8d4dd158117b589f4515d69775167e6cbf179b083c69998eb11c897847551581c23d0500ee11b59a17256a70eeb60c45fad6d16d21610c3041507d752c3b
SSDEEP

3072:BsD2ADkpFGkTXlDJA6ba2esDetNxVgbTGV9X4:BplzpTVDVa2en/V6Mp

Score

10^/10

darkcomet persistence rat trojan

Malware Config

Targets

- Target
  
  67daefba200429d22426a6cb8c1f0194
- Size
  
  143KB
- MD5
  
  67daefba200429d22426a6cb8c1f0194
- SHA1
  
  a8533fc067b8eb6d1a3a5fc5d68450732bcb5a39
- SHA256
  
  9acf51dc2335f76d4ea2421874661730b4d6283495874194f6efeb5a49ed9ea6
- SHA512
  
  dd9c8d4dd158117b589f4515d69775167e6cbf179b083c69998eb11c897847551581c23d0500ee11b59a17256a70eeb60c45fad6d16d21610c3041507d752c3b
- SSDEEP
  
  3072:BsD2ADkpFGkTXlDJA6ba2esDetNxVgbTGV9X4:BplzpTVDVa2en/V6Mp
Score

10^/10

darkcomet persistence rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometpersistencerattrojan

behavioral2

darkcometpersistencerattrojan