General

  • Target

    625720018417b027bbda97cc50e80288029503009457e911d51ba9590ede4c82

  • Size

    314KB

  • Sample

    240417-p6zx5sgb79

  • MD5

    63fd7b677191e668aabafb22bdf3c476

  • SHA1

    8a07fbfbdc5b17d51a176de0c5df6f49f283209b

  • SHA256

    625720018417b027bbda97cc50e80288029503009457e911d51ba9590ede4c82

  • SHA512

    6945d48d364e9fe7cf3bef2b52df94e6a1c98501d4244e30cc67b59e98e3824aa9efd5b0cc7907de632571404d1b97bc38d0927eef9086dc285f33a296b48e28

  • SSDEEP

    6144:bAvEB2r7qcZXKU8MB8K6BIgqcJK3piDIOVftgQTcu80dC:bARqKaUnwJosTWccuW

Score
10/10

Malware Config

Targets

    • Target

      acf05449c06970a54cc36fc7412f025f2c80c577d7ce3073b18fba70b39fb7f6.exe

    • Size

      852KB

    • MD5

      142b6a00a17c3f7853f4cfeebfe72c13

    • SHA1

      799ea8e4a8295d0018e81fa910fe3e3e734237da

    • SHA256

      acf05449c06970a54cc36fc7412f025f2c80c577d7ce3073b18fba70b39fb7f6

    • SHA512

      761fb7c01fc53a2e260876d3e51e48b740ed86562e3505a4195fc2e89cd86762f76b725a7c267c439986515a7ca3b194f3367da3fdefafb47dd852b264f2d521

    • SSDEEP

      12288:MMM0D0t0S0O0Sv8Di0BRtIwrfLDEDEOjX7kmW:NxgSfrvDi0BDIwrERnk7

    Score
    10/10
    • DarkComet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext
