darkcomet | 6c6c50ad0cf2a9e640f7c6dc5239b09238abf8aba8ce5519a44791d9d867d99f | Triage

Sharing

General

Target

e22cf4a071f3699de6c88e4276180c82
Size

662KB
Sample

240327-vqa7qsgf99
MD5

e22cf4a071f3699de6c88e4276180c82
SHA1

a57be3225286b5a6a1475244ef0eb32c012005ed
SHA256

6c6c50ad0cf2a9e640f7c6dc5239b09238abf8aba8ce5519a44791d9d867d99f
SHA512

f40a028f778e3fa9fd872feae93e05ed15a33ad7f25a5cc239230f49754e455e97f53a0d8abdf3b59851affbb262a5b6838f4620880f3b82e537a41807928cc4
SSDEEP

12288:03OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RQ:iOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgby

Score

10^/10

darkcomet guest16_min rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16_min

C2

127.0.0.1:1604

Mutex

DCMIN_MUTEX-KCBUEL2

Attributes

gencode
Du8NUDxUzZSK
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  e22cf4a071f3699de6c88e4276180c82
- Size
  
  662KB
- MD5
  
  e22cf4a071f3699de6c88e4276180c82
- SHA1
  
  a57be3225286b5a6a1475244ef0eb32c012005ed
- SHA256
  
  6c6c50ad0cf2a9e640f7c6dc5239b09238abf8aba8ce5519a44791d9d867d99f
- SHA512
  
  f40a028f778e3fa9fd872feae93e05ed15a33ad7f25a5cc239230f49754e455e97f53a0d8abdf3b59851affbb262a5b6838f4620880f3b82e537a41807928cc4
- SSDEEP
  
  12288:03OpvNW4a76S/Ddon/m09bbYlIaaMcE2YGhq3vo1RnfAvIESJgoE26yc/RQ:iOA4aWNn/m09fKIaaBEtWq3A1Ov8Jgby
Score

10^/10

darkcomet guest16_min rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16_mindarkcomet

behavioral1

darkcometguest16_minrattrojan

behavioral2

darkcometguest16_minrattrojan