darkcomet | 56ed81c9241e4d5f5aeff9f755dcd7fea618b64f24463f61836609a6f26eb04c | Triage

Sharing

General

Target

c64c953eb21641cb9688d357578e08e3
Size

660KB
Sample

240313-tjcljshc2s
MD5

c64c953eb21641cb9688d357578e08e3
SHA1

3fbb9e6a87dd1c939a34cd70275ded8ca0d38111
SHA256

56ed81c9241e4d5f5aeff9f755dcd7fea618b64f24463f61836609a6f26eb04c
SHA512

492b1f3fd9ea4e542f9ae73da2b5280ac286895d24b7cb872a30a40bc1f5eff61946a36aff45e2666b49571bd9a41ce6e17797659fc38cbb1ab2aa2d0fe70d30
SSDEEP

12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UQ:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jg

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes

gencode
U3duTmZ5pURh
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  c64c953eb21641cb9688d357578e08e3
- Size
  
  660KB
- MD5
  
  c64c953eb21641cb9688d357578e08e3
- SHA1
  
  3fbb9e6a87dd1c939a34cd70275ded8ca0d38111
- SHA256
  
  56ed81c9241e4d5f5aeff9f755dcd7fea618b64f24463f61836609a6f26eb04c
- SHA512
  
  492b1f3fd9ea4e542f9ae73da2b5280ac286895d24b7cb872a30a40bc1f5eff61946a36aff45e2666b49571bd9a41ce6e17797659fc38cbb1ab2aa2d0fe70d30
- SSDEEP
  
  12288:gXhpvNWw276S/DuoeFcfbmiJ99VPhYR5MTSHvLenELrWv1lZw4JuMkMh/fy452UQ:mnAw2WWeFcfbP9VPSPMTSPL/rWvzq4Jg
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan