darkcomet | 6a84fe3e7eca6838dea1491c61bcf281f921ac7c924e3bef6f93a0f4ee77af48 | Triage

Submit
Reports

Overview

overview

Static

static

fe9519d271...18.exe

windows7-x64

fe9519d271...18.exe

windows10-2004-x64

Sharing

General

Target

fe9519d271fe522e08d088a98a50ebb3_JaffaCakes118
Size

235KB
Sample

240421-gjwm7sda4t
MD5

fe9519d271fe522e08d088a98a50ebb3
SHA1

4fc1d9471c35346791f1c7dd079961c979ff41f6
SHA256

6a84fe3e7eca6838dea1491c61bcf281f921ac7c924e3bef6f93a0f4ee77af48
SHA512

61ec0b5b53e67b4ab42cee8b1f0b277f651f81df3c5a76db9dfd94fab3e5957e217ccb58ae217e3271defef14ac8674c7bbb58f463e0375162a5fb580cd54a57
SSDEEP

6144:b4CFfifD2gVKVTQQ249HZ52KTh9XKOCgLJacj5/AZtRs5q:bXgr8VMQDT52WXKq9fj5/AZj4q

Score

10^/10

darkcomet rat trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

fe9519d271fe522e08d088a98a50ebb3_JaffaCakes118.exe

Resource

win7-20240221-en

darkcomet rat trojan upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe9519d271fe522e08d088a98a50ebb3_JaffaCakes118.exe

Resource

win10v2004-20240412-en

darkcomet rat trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  fe9519d271fe522e08d088a98a50ebb3_JaffaCakes118
- Size
  
  235KB
- MD5
  
  fe9519d271fe522e08d088a98a50ebb3
- SHA1
  
  4fc1d9471c35346791f1c7dd079961c979ff41f6
- SHA256
  
  6a84fe3e7eca6838dea1491c61bcf281f921ac7c924e3bef6f93a0f4ee77af48
- SHA512
  
  61ec0b5b53e67b4ab42cee8b1f0b277f651f81df3c5a76db9dfd94fab3e5957e217ccb58ae217e3271defef14ac8674c7bbb58f463e0375162a5fb580cd54a57
- SSDEEP
  
  6144:b4CFfifD2gVKVTQQ249HZ52KTh9XKOCgLJacj5/AZtRs5q:bXgr8VMQDT52WXKq9fj5/AZj4q
Score

10^/10

darkcomet rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

darkcometrattrojanupx

behavioral2

darkcometrattrojanupx

© 2018-2024

Terms | Privacy