darkcomet | c5a21f9c8309d4a3e31ed1f6e299800ab6eca7ec038e3a95d0b81e65b3bec69f | Triage

Submit
Reports

Overview

overview

Static

static

594135f661...18.exe

windows7-x64

594135f661...18.exe

windows10-2004-x64

Sharing

General

Target

594135f66163084e5bb9af4ef47970b1_JaffaCakes118
Size

251KB
Sample

240519-jddljsgf9s
MD5

594135f66163084e5bb9af4ef47970b1
SHA1

bae9e81bbfe3e7ce8242c46abe1c1622b6bcf5b3
SHA256

c5a21f9c8309d4a3e31ed1f6e299800ab6eca7ec038e3a95d0b81e65b3bec69f
SHA512

6de5c97ff247de357e084c6c8a59175de89e2af2e98e5e2fbb7fd2964dfe4056d95f2ac8ccae2b32b4c310240d1412327f94507c504c986d468e2e0427bf853c
SSDEEP

6144:KcNYk1yuwEDBum3qYWnl0pd0EX3Zq2b6wfIDYm0PHQ:KcWkbgTYWnYnt/IDYhP

Score

10^/10

darkcomet test rat trojan upx

Static task

static1

upx test darkcomet

3 signatures

Behavioral task

behavioral1

Sample

594135f66163084e5bb9af4ef47970b1_JaffaCakes118.exe

Resource

win7-20231129-en

darkcomet test rat trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

594135f66163084e5bb9af4ef47970b1_JaffaCakes118.exe

Resource

win10v2004-20240508-en

darkcomet test rat trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

darkcomet

Botnet

Test

C2

127.0.0.1:1604

Mutex

DC_MUTEX-2AAK3JC

Attributes

gencode
uL8qSKiTKGeC
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  594135f66163084e5bb9af4ef47970b1_JaffaCakes118
- Size
  
  251KB
- MD5
  
  594135f66163084e5bb9af4ef47970b1
- SHA1
  
  bae9e81bbfe3e7ce8242c46abe1c1622b6bcf5b3
- SHA256
  
  c5a21f9c8309d4a3e31ed1f6e299800ab6eca7ec038e3a95d0b81e65b3bec69f
- SHA512
  
  6de5c97ff247de357e084c6c8a59175de89e2af2e98e5e2fbb7fd2964dfe4056d95f2ac8ccae2b32b4c310240d1412327f94507c504c986d468e2e0427bf853c
- SSDEEP
  
  6144:KcNYk1yuwEDBum3qYWnl0pd0EX3Zq2b6wfIDYm0PHQ:KcWkbgTYWnYnt/IDYhP
Score

10^/10

darkcomet test rat trojan upx
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

upxtestdarkcomet

behavioral1

darkcomettestrattrojanupx

behavioral2

darkcomettestrattrojanupx

© 2018-2024

Terms | Privacy