darkcomet | 673c6a131d5bcfad879a35437104e05b072cb7c2140e11c606d81ecf18527ccb | Triage

Sharing

General

Target

ed09fb8103c710575f0c3c3273a0c715_JaffaCakes118
Size

814KB
Sample

240411-ktsk3sbc3x
MD5

ed09fb8103c710575f0c3c3273a0c715
SHA1

f756909049cc33a3028881dff10a4cd04dd43727
SHA256

673c6a131d5bcfad879a35437104e05b072cb7c2140e11c606d81ecf18527ccb
SHA512

cbc05a53d7ca11e05773319087aaf2efa4032c7fc5ba3c0247bef5401d86ded47f8c3b47b5090fc95b9fe156a0bc19e7d1f4579fb25c7b572a0e68b43f4d8136
SSDEEP

24576:B0QRWoJEfg0oChGdJQbjPbNW5tYeP+GFEwmwT:uQRV2o3MPY5Am1T

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-F54S21D

Attributes

gencode
fTKCcbHM4U98
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  ed09fb8103c710575f0c3c3273a0c715_JaffaCakes118
- Size
  
  814KB
- MD5
  
  ed09fb8103c710575f0c3c3273a0c715
- SHA1
  
  f756909049cc33a3028881dff10a4cd04dd43727
- SHA256
  
  673c6a131d5bcfad879a35437104e05b072cb7c2140e11c606d81ecf18527ccb
- SHA512
  
  cbc05a53d7ca11e05773319087aaf2efa4032c7fc5ba3c0247bef5401d86ded47f8c3b47b5090fc95b9fe156a0bc19e7d1f4579fb25c7b572a0e68b43f4d8136
- SSDEEP
  
  24576:B0QRWoJEfg0oChGdJQbjPbNW5tYeP+GFEwmwT:uQRV2o3MPY5Am1T
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan