darkcomet | 0f5554d591d05ad894cb7cc93e1a2692b5793f60f753f900b2036f2b92e46d98 | Triage

Submit
Reports

Overview

overview

Static

static

3

ab177e29d7...c0.exe

windows7-x64

ab177e29d7...c0.exe

windows10-2004-x64

Sharing

General

Target

ab177e29d73a60ee334ba3b4199259c0
Size

346KB
Sample

240228-fzb33acb48
MD5

ab177e29d73a60ee334ba3b4199259c0
SHA1

9803deaeef41c1029a0ff40b7a037dcb54cdff46
SHA256

0f5554d591d05ad894cb7cc93e1a2692b5793f60f753f900b2036f2b92e46d98
SHA512

8447d28ab5b287365e02bbe3b3dd77204b7e2fac082c02b46c61bb0b0879b01c141c5dbe89a5476b53ffbc06bac03129370be9a206b9c5495e7f344d5fe52a0a
SSDEEP

6144:WRBI/28WFGjGY3WJwhxP8GeVxLaSsm9DlMsx5l1vT53o13V3o13:eBst33WJwh9xeVx+WMkr/Y5VY5

Score

10^/10

darkcomet rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ab177e29d73a60ee334ba3b4199259c0.exe

Resource

win7-20240221-en

darkcomet rat trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ab177e29d73a60ee334ba3b4199259c0.exe

Resource

win10v2004-20240226-en

darkcomet rat trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ab177e29d73a60ee334ba3b4199259c0
- Size
  
  346KB
- MD5
  
  ab177e29d73a60ee334ba3b4199259c0
- SHA1
  
  9803deaeef41c1029a0ff40b7a037dcb54cdff46
- SHA256
  
  0f5554d591d05ad894cb7cc93e1a2692b5793f60f753f900b2036f2b92e46d98
- SHA512
  
  8447d28ab5b287365e02bbe3b3dd77204b7e2fac082c02b46c61bb0b0879b01c141c5dbe89a5476b53ffbc06bac03129370be9a206b9c5495e7f344d5fe52a0a
- SSDEEP
  
  6144:WRBI/28WFGjGY3WJwhxP8GeVxLaSsm9DlMsx5l1vT53o13V3o13:eBst33WJwh9xeVx+WMkr/Y5VY5
Score

10^/10

darkcomet rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometrattrojan

behavioral2

darkcometrattrojan

© 2018-2024

Terms | Privacy