darkcomet | hxxps://github[.]com/kheiron1337/icraat | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

https://github.com/k...

windows10-2004-x64

Sharing

General

Target

https://github.com/kheiron1337/icraat
Sample

240211-a92tksaf6z

Score

10^/10

darkcomet guest16 rat trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/kheiron1337/icraat

Resource

win10v2004-20231215-en

darkcomet guest16 rat trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

80.208.221.140:3048

Mutex

DC_MUTEX-7SW877C

Attributes

gencode
iX3UiRGJM1JW
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  https://github.com/kheiron1337/icraat
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

darkcometguest16rattrojan

© 2018-2024

Terms | Privacy