darkcomet | f596cc3ee3d53376fc24f363d50c51210e381c8d60f02ebc08f56681afd72ea6 | Triage

Sharing

General

Target

1b16b12d3173fc7d9e367af488934fb4_JaffaCakes118
Size

658KB
Sample

240506-gpjwlaec89
MD5

1b16b12d3173fc7d9e367af488934fb4
SHA1

fae4f74602773f66ae574e5adedb43fff66c28d6
SHA256

f596cc3ee3d53376fc24f363d50c51210e381c8d60f02ebc08f56681afd72ea6
SHA512

c5460ad9f848c5442aa5b36ef988c5c4d4d318cbe4dde3d34f4485060950a95f38233b5ceef7dffb62ba738ecd8c0a6ea51c99cfd699307d8b629717d0925c7f
SSDEEP

12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h/:WZ1xuVVjfFoynPaVBUR8f+kN10EB5

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

95.215.254.97:1604

Mutex

DC_MUTEX-5F4P2ZS

Attributes

gencode
CHwp4Gq604H6
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  1b16b12d3173fc7d9e367af488934fb4_JaffaCakes118
- Size
  
  658KB
- MD5
  
  1b16b12d3173fc7d9e367af488934fb4
- SHA1
  
  fae4f74602773f66ae574e5adedb43fff66c28d6
- SHA256
  
  f596cc3ee3d53376fc24f363d50c51210e381c8d60f02ebc08f56681afd72ea6
- SHA512
  
  c5460ad9f848c5442aa5b36ef988c5c4d4d318cbe4dde3d34f4485060950a95f38233b5ceef7dffb62ba738ecd8c0a6ea51c99cfd699307d8b629717d0925c7f
- SSDEEP
  
  12288:a9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h/:WZ1xuVVjfFoynPaVBUR8f+kN10EB5
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan