darkcomet | 443e4785627b626e8b3f00efc3d222f46cdc8af175e5b5f7b8fb48bff2ce9643 | Triage

Sharing

General

Target

97b8c916b12c672fd1e5db1926f7af6a
Size

662KB
Sample

240212-1y82mada8s
MD5

97b8c916b12c672fd1e5db1926f7af6a
SHA1

92c7d7ee93fffce6861affb6c39ac3909324651a
SHA256

443e4785627b626e8b3f00efc3d222f46cdc8af175e5b5f7b8fb48bff2ce9643
SHA512

95b26ad4d3d16ac884bd25a960f05841b15aa6b10564c996ca4ad911c7f417a3177c404fc1f4fee3bd092affb8c844c1cc9803a84d351c17717abfdc99cbf041
SSDEEP

12288:42f2giUAfNEQk93kuJqL4mEFaS3IZvK/lGRgOUqmq9kR6lhKXBB3a9FsqJKB57d/:HAlE1xkd7SgK/cRgOnmq9g6kB36rKX6O

Score

10^/10

darkcomet 4 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

4

C2

mido-mio.no-ip.info:1604

Mutex

DC_MUTEX-WK2MU6B

Attributes

gencode
M0WJbiQXAl7b
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  97b8c916b12c672fd1e5db1926f7af6a
- Size
  
  662KB
- MD5
  
  97b8c916b12c672fd1e5db1926f7af6a
- SHA1
  
  92c7d7ee93fffce6861affb6c39ac3909324651a
- SHA256
  
  443e4785627b626e8b3f00efc3d222f46cdc8af175e5b5f7b8fb48bff2ce9643
- SHA512
  
  95b26ad4d3d16ac884bd25a960f05841b15aa6b10564c996ca4ad911c7f417a3177c404fc1f4fee3bd092affb8c844c1cc9803a84d351c17717abfdc99cbf041
- SSDEEP
  
  12288:42f2giUAfNEQk93kuJqL4mEFaS3IZvK/lGRgOUqmq9kR6lhKXBB3a9FsqJKB57d/:HAlE1xkd7SgK/cRgOnmq9g6kB36rKX6O
Score

10^/10

darkcomet 4 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcomet4rattrojan

behavioral2

darkcomet4rattrojan