General

  • Target

    80b2b8170a6e11bb840491f55d9a7862

  • Size

    658KB

  • Sample

    240129-yepgrshde2

  • MD5

    80b2b8170a6e11bb840491f55d9a7862

  • SHA1

    b16ee63e7c3d5005134a5acbb343d25e82d7e484

  • SHA256

    38ca3e9e674fed0178ad091d820fe17d7efee2c8b3dcc43e2761ffa85d1d2097

  • SHA512

    e3688b4d859a1ff95a10d42c919e4486f2802154bf795690cf8325e0310e6afec248e93ece778eb072ac97afb30f261535088526f0a7cc2e53b89f474317f6d9

  • SSDEEP

    12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hp:OZ1xuVVjfFoynPaVBUR8f+kN10EBT

Malware Config

Extracted

Family

darkcomet

Botnet

Slave

C2

hehehe0.zapto.org:1604

Mutex

DC_MUTEX-BGUJELT

Attributes
  • gencode

    3uS2CTqGNFub

  • install

    false

  • offline_keylogger

    true

  • persistence

    false

Targets

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
