darkcomet | 7c061f35cc4836f995d6d7574857fc4006b3a0996f9bd1a75c434a8860efcab0 | Triage

Sharing

General

Target

4f64be8951dd8efbd292fc6edaee8a47_JaffaCakes118
Size

689KB
Sample

240517-lpd3kace54
MD5

4f64be8951dd8efbd292fc6edaee8a47
SHA1

174b84145872d63c0863539cde39e59b123e021c
SHA256

7c061f35cc4836f995d6d7574857fc4006b3a0996f9bd1a75c434a8860efcab0
SHA512

1cdf4b5d0afd3573001b7deb3bc8e331f10635880777dd3d43ef15fa1163096f497ebd428c43c440278408e2c6e5a7815d5f660c23389bfe5593e7ab717ea72b
SSDEEP

12288:L9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h7l8:FZ1xuVVjfFoynPaVBUR8f+kN10EBc

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:1604

Mutex

DC_MUTEX-5HD286E

Attributes

gencode
QlqDemYib82R
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  4f64be8951dd8efbd292fc6edaee8a47_JaffaCakes118
- Size
  
  689KB
- MD5
  
  4f64be8951dd8efbd292fc6edaee8a47
- SHA1
  
  174b84145872d63c0863539cde39e59b123e021c
- SHA256
  
  7c061f35cc4836f995d6d7574857fc4006b3a0996f9bd1a75c434a8860efcab0
- SHA512
  
  1cdf4b5d0afd3573001b7deb3bc8e331f10635880777dd3d43ef15fa1163096f497ebd428c43c440278408e2c6e5a7815d5f660c23389bfe5593e7ab717ea72b
- SSDEEP
  
  12288:L9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/h7l8:FZ1xuVVjfFoynPaVBUR8f+kN10EBc
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan