darkcomet | 38ca3e9e674fed0178ad091d820fe17d7efee2c8b3dcc43e2761ffa85d1d2097 | Triage

Sharing

General

Target

80b2b8170a6e11bb840491f55d9a7862
Size

658KB
Sample

240129-yepgrshde2
MD5

80b2b8170a6e11bb840491f55d9a7862
SHA1

b16ee63e7c3d5005134a5acbb343d25e82d7e484
SHA256

38ca3e9e674fed0178ad091d820fe17d7efee2c8b3dcc43e2761ffa85d1d2097
SHA512

e3688b4d859a1ff95a10d42c919e4486f2802154bf795690cf8325e0310e6afec248e93ece778eb072ac97afb30f261535088526f0a7cc2e53b89f474317f6d9
SSDEEP

12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hp:OZ1xuVVjfFoynPaVBUR8f+kN10EBT

Score

10^/10

darkcomet slave rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Slave

C2

hehehe0.zapto.org:1604

Mutex

DC_MUTEX-BGUJELT

Attributes

gencode
3uS2CTqGNFub
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  80b2b8170a6e11bb840491f55d9a7862
- Size
  
  658KB
- MD5
  
  80b2b8170a6e11bb840491f55d9a7862
- SHA1
  
  b16ee63e7c3d5005134a5acbb343d25e82d7e484
- SHA256
  
  38ca3e9e674fed0178ad091d820fe17d7efee2c8b3dcc43e2761ffa85d1d2097
- SHA512
  
  e3688b4d859a1ff95a10d42c919e4486f2802154bf795690cf8325e0310e6afec248e93ece778eb072ac97afb30f261535088526f0a7cc2e53b89f474317f6d9
- SSDEEP
  
  12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hp:OZ1xuVVjfFoynPaVBUR8f+kN10EBT
Score

10^/10

darkcomet slave rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

darkcometslaverattrojan

behavioral2

darkcometslaverattrojan