General

  • Target

    9bee27b268c35b46a2cd109a4f743af3a664e0a84443d2cd08b1f9a089db559f

  • Size

    314KB

  • Sample

    240417-q6vtvsae89

  • MD5

    a04776fb33f9a5887c13ed0736300056

  • SHA1

    adb10518ac3fbda7931ad3b2b97397e452da136e

  • SHA256

    9bee27b268c35b46a2cd109a4f743af3a664e0a84443d2cd08b1f9a089db559f

  • SHA512

    8543919e364e94f385e7b8e2cc86c3128dc87467e58c92bde0d4e4af20dbc8c6789fe543d35ebe3845a7419b89d3a52e50af84e60696f19a52d3ea5f702df358

  • SSDEEP

    6144:UWD/DZm2PVLbvzFX4QwI9Iz9psj6AOJowcVwvoXv4JxK/bz0KFosYKzUMtD+Zu2l:rzDHPV7FX4QZG9pNAOJowcSvowcboKFI

Score
10/10

Targets

    • Target

      acf05449c06970a54cc36fc7412f025f2c80c577d7ce3073b18fba70b39fb7f6.exe

    • Size

      852KB

    • MD5

      142b6a00a17c3f7853f4cfeebfe72c13

    • SHA1

      799ea8e4a8295d0018e81fa910fe3e3e734237da

    • SHA256

      acf05449c06970a54cc36fc7412f025f2c80c577d7ce3073b18fba70b39fb7f6

    • SHA512

      761fb7c01fc53a2e260876d3e51e48b740ed86562e3505a4195fc2e89cd86762f76b725a7c267c439986515a7ca3b194f3367da3fdefafb47dd852b264f2d521

    • SSDEEP

      12288:MMM0D0t0S0O0Sv8Di0BRtIwrfLDEDEOjX7kmW:NxgSfrvDi0BDIwrERnk7

    Score
    10/10
    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext
