darkcomet | 573ab6d10a870a0df4eee136f7ecdd72213fb456f0b022e58c8d01dd5526a44d | Triage

Sharing

General

Target

4e190a3cc7f47f0961c68d8d3fa03561_JaffaCakes118
Size

329KB
Sample

240517-c98m8sdg71
MD5

4e190a3cc7f47f0961c68d8d3fa03561
SHA1

af4e825d19ab0bba032ca9cf253cac7f7f6a0dba
SHA256

573ab6d10a870a0df4eee136f7ecdd72213fb456f0b022e58c8d01dd5526a44d
SHA512

9b2675a9744914265568380e0b2429f5610a51bb24134efbe803b44acfca8f9841602c8dc6f874f07ecdefc7d2432b4f45504ab8ea709e19bb51b2e2b58df5d2
SSDEEP

6144:fAE21pp978na6mFC6M2rfwBQGynR/UzGJAQWZGjjRe/063THveWb2hcBLmuWIwk/:6Rea6cCHQwsR/sGvGmjn6DWmL7WIwLcZ

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-TRCXYV8

Attributes

gencode
QLz31KopM5kc
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  ⮦.exe
- Size
  
  658KB
- MD5
  
  8f028d558e48e06be1d54928c2440fe4
- SHA1
  
  1a94990ee3ba4695ff2960a1f9c36e5a68679c9d
- SHA256
  
  496481311ab3fa6df238bb67218ac8bbcdb4d6111766532730f77bce66c548c2
- SHA512
  
  2dcf833f633944082a51ddc171d39bf00fca41d834d64104164e1d4dbe7a3850167d85a9d77ced6112a0674bd0fd33e639a43e30be8265a2740c7d4b69235a10
- SSDEEP
  
  12288:29HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFO:SiBIGkbxqEcjsWiDxguehC2St
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan