darkcomet | 16b8d72b51b7518ab8660f7ebaf9163ce6495c1e383f6a07fe2d36ec21486668 | Triage

Sharing

General

Target

5c98db14eae2051a75db884bc62938c0_JaffaCakes118
Size

658KB
Sample

240520-cc4ysaec62
MD5

5c98db14eae2051a75db884bc62938c0
SHA1

771310c416fba4ab0ffa135bebec6c04ea3a2e5e
SHA256

16b8d72b51b7518ab8660f7ebaf9163ce6495c1e383f6a07fe2d36ec21486668
SHA512

ea75ed405bba523babf68685ad02cd932e4bbcb9e2944c21aeb1883bfe67e1717203d60fbf3eccecdd9e26c1900999bfcbdfa127d20306d1bd44e1490008a5d3
SSDEEP

12288:O9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFV:aiBIGkbxqEcjsWiDxguehC2SS

Score

10^/10

darkcomet guest16 rat trojan

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

127.0.0.1:25565

92.246.89.145:25565

92.246.89.145:5555

92.246.89.145:8888

127.0.0.1:8888

127.0.0.1:5555

Mutex

DC_MUTEX-UBCQNRK

Attributes

gencode
QP5sRdeDQuBd
install
false
offline_keylogger
true
persistence
false

Targets

- Target
  
  5c98db14eae2051a75db884bc62938c0_JaffaCakes118
- Size
  
  658KB
- MD5
  
  5c98db14eae2051a75db884bc62938c0
- SHA1
  
  771310c416fba4ab0ffa135bebec6c04ea3a2e5e
- SHA256
  
  16b8d72b51b7518ab8660f7ebaf9163ce6495c1e383f6a07fe2d36ec21486668
- SHA512
  
  ea75ed405bba523babf68685ad02cd932e4bbcb9e2944c21aeb1883bfe67e1717203d60fbf3eccecdd9e26c1900999bfcbdfa127d20306d1bd44e1490008a5d3
- SSDEEP
  
  12288:O9HMeUmcufrvA3kb445UEJ2jsWiD4EvFuu4cNgZhCiZKD/XdyFV:aiBIGkbxqEcjsWiDxguehC2SS
Score

10^/10

darkcomet guest16 rat trojan
- Darkcomet
  DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
  trojan rat darkcomet
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

guest16darkcomet

behavioral1

darkcometguest16rattrojan

behavioral2

darkcometguest16rattrojan