darkcomet | fe77fee89e707c42354e319421a9a6f757af4a183c444af283088c1791983b9a | Triage

Sharing

General

Target

c6a18c276f74145dd2eae35d1de504ae
Size

690KB
Sample

240313-xmbefaeh99
MD5

c6a18c276f74145dd2eae35d1de504ae
SHA1

ed0fba135058f1b11ccbcbb3d6dff5dc6d4ac4e4
SHA256

fe77fee89e707c42354e319421a9a6f757af4a183c444af283088c1791983b9a
SHA512

1829141cbbd690e1575379ffb594929f10057bc59e774d227deec98d718d1be7418a4d6a330429c6e670370b578f55995453bbb8d3877d41d47001c8907f4263
SSDEEP

12288:K9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZK3/Xu:GiBIGkbxqEcjsWiDxguehC2+

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

176.118.211.155:1604

Mutex

DC_MUTEX-KRQMRET

Attributes

gencode
5kbnJKrtqnGK
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  c6a18c276f74145dd2eae35d1de504ae
- Size
  
  690KB
- MD5
  
  c6a18c276f74145dd2eae35d1de504ae
- SHA1
  
  ed0fba135058f1b11ccbcbb3d6dff5dc6d4ac4e4
- SHA256
  
  fe77fee89e707c42354e319421a9a6f757af4a183c444af283088c1791983b9a
- SHA512
  
  1829141cbbd690e1575379ffb594929f10057bc59e774d227deec98d718d1be7418a4d6a330429c6e670370b578f55995453bbb8d3877d41d47001c8907f4263
- SSDEEP
  
  12288:K9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZK3/Xu:GiBIGkbxqEcjsWiDxguehC2+
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan