darkcomet | 151f078a9959804b34d79243faad88bbc54035a835c8155badb53513fbff2de9 | Triage

Sharing

General

Target

54d9e1209e030c96a67cf8e54f28c600_JaffaCakes118
Size

658KB
Sample

240518-qbv65scg6y
MD5

54d9e1209e030c96a67cf8e54f28c600
SHA1

f98ae5b15297e32a7abddf40dd9ef9dab92ece01
SHA256

151f078a9959804b34d79243faad88bbc54035a835c8155badb53513fbff2de9
SHA512

8cacfe5fd8dfe08158dd26cc0a48133d67a8b025e6487e2e1a0e6b9dbcd4cd1663bd96b8b1f97f0596efddf3bcf5dbc58cfdede76ea2cb7c77557a535f94010d
SSDEEP

12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hh:OZ1xuVVjfFoynPaVBUR8f+kN10EBT

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

193.107.225.209:1604

Mutex

DC_MUTEX-CD7XRY7

Attributes

gencode
ymaXgh1n3edo
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  54d9e1209e030c96a67cf8e54f28c600_JaffaCakes118
- Size
  
  658KB
- MD5
  
  54d9e1209e030c96a67cf8e54f28c600
- SHA1
  
  f98ae5b15297e32a7abddf40dd9ef9dab92ece01
- SHA256
  
  151f078a9959804b34d79243faad88bbc54035a835c8155badb53513fbff2de9
- SHA512
  
  8cacfe5fd8dfe08158dd26cc0a48133d67a8b025e6487e2e1a0e6b9dbcd4cd1663bd96b8b1f97f0596efddf3bcf5dbc58cfdede76ea2cb7c77557a535f94010d
- SSDEEP
  
  12288:i9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hh:OZ1xuVVjfFoynPaVBUR8f+kN10EBT
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan