darkcomet | 1d3490d483add4321d1e7e36b261ca531f044add59aa92503f65653beabf98a7 | Triage

Sharing

General

Target

4a2a461b6b5c255d0e8ce05a7faa3a86_JaffaCakes118
Size

756KB
Sample

240516-j52gpabf4v
MD5

4a2a461b6b5c255d0e8ce05a7faa3a86
SHA1

b472f68938b86e46ba18e2e189c7650f43c2bc58
SHA256

1d3490d483add4321d1e7e36b261ca531f044add59aa92503f65653beabf98a7
SHA512

495fda1fa99fb8e403a68cc0264ca5d334c312878256ede6b6d1c7d7044f3655dc4cd29b8844390b94d01660bd41aebbd8e9363021ed2afeb359a04ed780b764
SSDEEP

12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hmbx:GZ1xuVVjfFoynPaVBUR8f+kN10EBIl

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

185.56.80.11:1337

Mutex

DC_MUTEX-1S29XHT

Attributes

gencode
8y0fWvmSpcL3
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  4a2a461b6b5c255d0e8ce05a7faa3a86_JaffaCakes118
- Size
  
  756KB
- MD5
  
  4a2a461b6b5c255d0e8ce05a7faa3a86
- SHA1
  
  b472f68938b86e46ba18e2e189c7650f43c2bc58
- SHA256
  
  1d3490d483add4321d1e7e36b261ca531f044add59aa92503f65653beabf98a7
- SHA512
  
  495fda1fa99fb8e403a68cc0264ca5d334c312878256ede6b6d1c7d7044f3655dc4cd29b8844390b94d01660bd41aebbd8e9363021ed2afeb359a04ed780b764
- SSDEEP
  
  12288:K9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hmbx:GZ1xuVVjfFoynPaVBUR8f+kN10EBIl
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan